Tag: insurance
-
US Treasury Weighs Cyber Insurance Backstop
Federal Review Questions Whether Private Insurers Can Absorb Cyber Losses. A Department of the Treasury review of cyber risk under the Terrorism Risk Insurance Program comes amid concern that nation-state attacks and systemic cyber events may overwhelm private insurers, raising the prospect of a federal backstop to protect critical infrastructure and economic stability. First seen…
-
Florida Suspends Firm for Unlawfully Offshoring Claims Data
State: Medicare Enrollee Data Sent to Unlicensed Firms in India, Philippines. State insurance regulators have suspended a Florida third-party health administrator firm for unlawfully offshoring sensitive claims and other data of more than 23,000 Florida Medicare Advantage enrollees to several unlicensed companies in India and the Philippines. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/florida-suspends-firm-for-unlawfully-offshoring-claims-data-a-31177
-
Companies face difficult choices in blaming hackers for an attack
Publicly naming a hacking group can affect everything from retaliation to insurance coverage. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cyberattack-attribution-decisions/815587/
-
QualDerm Partners December 2025 data breach impacts over 3 Million people
Over 3.1M people affected as QualDerm Partners suffered a December 2025 breach, exposing personal, medical, and health insurance data. Over 3.1 million people are affected by a December 2025 data breach at QualDerm Partners, where hackers stole personal, medical, and health insurance information from the company’s internal systems. QualDerm Partners is a U.S.-based healthcare management…
-
Treasury asks whether terrorism risk insurance program should bolster cyber coverage
A Federal Register notice seeks public comment on how cyber is covered within a 2002 law and program. First seen on cyberscoop.com Jump to article: cyberscoop.com/treasury-asks-whether-terrorism-risk-insurance-program-should-bolster-cyber-coverage/
-
Treasury asks whether terrorism risk insurance program should bolster cyber coverage
A Federal Register notice seeks public comment on how cyber is covered within a 2002 law and program. First seen on cyberscoop.com Jump to article: cyberscoop.com/treasury-asks-whether-terrorism-risk-insurance-program-should-bolster-cyber-coverage/
-
Treasury asks whether terrorism risk insurance program should bolster cyber coverage
A Federal Register notice seeks public comment on how cyber is covered within a 2002 law and program. First seen on cyberscoop.com Jump to article: cyberscoop.com/treasury-asks-whether-terrorism-risk-insurance-program-should-bolster-cyber-coverage/
-
QuikBot and EFGH bring real-time insurance to physical AI
The two companies will embed insurance directly into the infrastructure governing autonomous robots, reducing claims processing and creating a trust layer for smart cities First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366640577/QuikBot-and-EFGH-bring-real-time-insurance-to-physical-AI
-
Webinar Recap: Cyber Risk in Wartime Threat Intelligence, Risk Modeling, and Insurance Strategy
Cyber Risk in Wartime: What Leaders Need to Know Now As geopolitical tensions rise, cyber risk is no longer a theoretical concern; it’s a board-level issue demanding immediate attention. In Read More First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/webinar-recap-cyber-risk-in-wartime-threat-intelligence-risk-modeling-and-insurance-strategy/
-
Jaguar Land Rover’s cyber bailout sets worrying precedent, watchdog warns
Lack of clear criteria risks encouraging firms to lean on state support instead of worrying about insurance First seen on theregister.com Jump to article: www.theregister.com/2026/03/20/jlr_bailout_cmc/
-
The espionage reality: Your infrastructure is already in the collection path
Tags: access, apt, attack, authentication, breach, ciso, cloud, country, cyber, data, detection, espionage, exploit, governance, government, group, identity, infrastructure, injection, insurance, intelligence, network, risk, risk-assessment, service, spyware, theft, threat, toolCommercial spyware as an intelligence channel: Criminal operators deploying Predator, a spyware suite sold by the sanctioned Intellexa consortium, have been documented across more than a dozen countries. US sanctions haven’t slowed them down an iota. Their targets are not random: journalists, activists, politicians, human”‘rights defenders, government employees and contractors, and other high”‘value individuals. Why?…
-
The espionage reality: Your infrastructure is already in the collection path
Tags: access, apt, attack, authentication, breach, ciso, cloud, country, cyber, data, detection, espionage, exploit, governance, government, group, identity, infrastructure, injection, insurance, intelligence, network, risk, risk-assessment, service, spyware, theft, threat, toolCommercial spyware as an intelligence channel: Criminal operators deploying Predator, a spyware suite sold by the sanctioned Intellexa consortium, have been documented across more than a dozen countries. US sanctions haven’t slowed them down an iota. Their targets are not random: journalists, activists, politicians, human”‘rights defenders, government employees and contractors, and other high”‘value individuals. Why?…
-
The True Cost of Cyber Downtime: A UK Board-Level Briefing
Tags: attack, backup, business, cloud, communications, compliance, control, cyber, cyberattack, data, finance, GDPR, governance, healthcare, infrastructure, insurance, monitoring, resilience, saas, service, supply-chain, technologyWritten by Sean Tilley, Senior Sales Director EMEA at 11:11 Systems Cyber downtime carries measurable financial consequences, and those consequences are becoming clearer with each major incident. Research from 11:11 Systems shows that 78% of European organisations report losses of up to $500,000 per hour following a cyber-related outage, while 6% face costs exceeding £1 million per…
-
What it takes to win that CSO role
Tags: access, ai, attack, automation, business, ceo, ciso, cloud, compliance, control, cybersecurity, data, defense, finance, flaw, framework, google, identity, insurance, jobs, monitoring, network, resilience, risk, skills, startup, strategy, technology, threatGovern the explosion of shadow AI and establish guardrails for generative AI before it creates material data leakage.Move beyond prevention and operate as a business enabler, proving the organization can maintain a minimum viable business during a sustained outage.Address compliance burdens, such as SEC disclosure rules or the EU AI Act, not as a checklist,…
-
What it takes to win that CSO role
Tags: access, ai, attack, automation, business, ceo, ciso, cloud, compliance, control, cybersecurity, data, defense, finance, flaw, framework, google, identity, insurance, jobs, monitoring, network, resilience, risk, skills, startup, strategy, technology, threatGovern the explosion of shadow AI and establish guardrails for generative AI before it creates material data leakage.Move beyond prevention and operate as a business enabler, proving the organization can maintain a minimum viable business during a sustained outage.Address compliance burdens, such as SEC disclosure rules or the EU AI Act, not as a checklist,…
-
235,000 affected by cyberattack on largest ambulance provider in Wisconsin
The company said Social Security numbers, driver’s license numbers, financial accounts, medical information and health insurance information was stolen during the cyberattack. First seen on therecord.media Jump to article: therecord.media/235000-affected-cyberattack-ambulance-provider
-
Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices
SAP has released security updates to address two critical security flaws that could be exploited to achieve arbitrary code execution on affected systems.The vulnerabilities in question listed below -CVE-2019-17571 (CVSS score: 9.8) – A code injection vulnerability in SAP Quotation Management Insurance application (FS-QUO)CVE-2026-27685 (CVSS score: 9.1) – An insecure deserialization First seen on thehackernews.com…
-
March Patch Tuesday: Three high severity holes in Microsoft Office
aadsshlogin package. Systems with the extension already installed have packages.microsoft.com configured automatically, so no additional setup is required.”The cloud ecosystem doesn’t really handle patching well,” Reguly said. “It’s a relatively immature process, and the way that Microsoft handles these products really demonstrates that. The CVE impacting Azure Linux Virtual Machines (CVE-2026-23665) or the multiple CVEs…
-
The OT security time bomb: Why legacy industrial systems are the biggest cyber risk nobody wants to fix
Tags: access, attack, authentication, awareness, business, ciso, compliance, control, cyber, cybersecurity, data, detection, exploit, firewall, incident, incident response, infrastructure, insurance, ISO-27001, metric, mfa, monitoring, network, office, phishing, ransomware, regulation, resilience, risk, risk-management, service, siem, soc, stuxnet, supply-chain, tool, vpn, vulnerability, zero-dayWhy everyone knows it’s burning, but nobody pulls the fire alarm: When I talk to OT managers, production leads or plant engineers, I rarely hear, “We didn’t know we had a problem.” Far more often, it’s, “We know it’s critical, but we can’t just shut it down.” This gap between awareness and action is the…
-
TDL – Defense Before Offense: Leadership, Risk, and the Cost of Bad Decisions – Steven Elliott
From the Battlefield to the Boardroom: Lessons in Defense In the latest episode of The Defender’s Log, host David Redekop sits down with Steven Elliott, CFO of Adam Networks, to explore the surprising parallels between military operations, financial management, and cybersecurity. A Journey of Unpredictable Paths Elliott’s background is anything but linear. From a small…
-
Backup strategies are working, and ransomware gangs are responding with data theft
Business email compromise (BEC) and funds transfer fraud combined for 58% of all cyber insurance claims filed in 2025, according to data from Coalition covering more than … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/06/cyber-claims-report-ransomware-gangs-data-theft/
-
Trizetto Notifying 3.4M of 2024 Hack Detected in 2025
Compromise Affects Healthcare Clients of Co.’s Revenue Cycle Management Services. Billing services vendor Trizetto Provider Solutions is notifying 3.4 million individuals of a hacking incident discovered in October 2025 that investigators have now determined started nearly a year earlier, when threat actors accessed the company’s healthcare clients’ insurance related data. First seen on govinfosecurity.com Jump…
-
How to know you’re a real-deal CSO, and whether that job opening truly seeks one
Tags: access, ai, breach, business, communications, compliance, control, cyber, data, data-breach, finance, framework, governance, incident response, infosec, insurance, jobs, metric, privacy, radius, risk, skills, strategy, threat, training, vulnerabilityStriking the right balance of experience and responsibility: Mark G. McCreary, partner and chief AI and IT security officer at Boston-based legal firm Fox Rothschild LLP, has seen both extremes: security being completely sidelined and security professionals given excessive, unjustified authority.In some firms, a newly appointed CSO might be positioned as a gatekeeper without the…
-
Zurich to Acquire Beazley in $11B European Insurance Deal
Cyber Insurance Expansion Drives Insurance Industry Consolidation. Zurich Insurance Group has agreed to acquire U.K.-based Beazley in an $11 billion deal that would create a $15 billion global insurance powerhouse. The transaction strengthens Zurich’s cyber insurance portfolio as demand surges for coverage tied to cyber and technology risks. First seen on govinfosecurity.com Jump to article:…
-
MSP Strategic Defense: Building Compliance on Dynamic Attack Surface Reduction
Tags: attack, compliance, control, cyber, defense, dora, HIPAA, insurance, ISO-27001, msp, nis-2, PCI, regulation, soc, supply-chain<div cla Compliance expectations across SMB markets are rising as supply chain regulations and cyber insurance requirements raise the baseline for security maturity. Regulatory standards such as CIS Controls v8, the NIS2 Directive, ISO 27001, SOC 2, PCI DSS, HIPAA, Cyber Essentials, CMMC 2.0, DORA, and the Essential Eight now shape what that baseline looks…
-
Health insurance tech provider TriZetto says more than 3 million impacted by 2024 breach
A breach of TriZetto software first described by counties in Oregon affected millions of Americans overall, according to public data released this week by the company. First seen on therecord.media Jump to article: therecord.media/trizetto-healthcare-tech-company-data-breach-update
-
So You Think You Have Cyber Insurance? The Breach is Only the First Incident. The Claim is the Second.
Explore the complexities of cyber insurance, including common claim denials, coverage disputes, and evolving risks like ransomware, AI fraud, and BEC. Learn how to navigate insurance ecosystems to secure reliable coverage that stands firm in loss situations. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/so-you-think-you-have-cyber-insurance-the-breach-is-only-the-first-incident-the-claim-is-the-second/
-
Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026
With one in three cyber-attacks now involving compromised employee accounts, insurers and regulators are placing far greater emphasis on identity posture when assessing cyber risk. For many organizations, however, these assessments remain largely opaque. Elements such as password hygiene, privileged access management, and the extent of multi-factor authentication (MFA) coverage are First seen on thehackernews.com…