Tag: insurance
-
New UK Cyber Monitoring Centre Introduces ‘Richter Scale’ for Cyber-Attacks
This new independent non-profit was set up by the UK insurance industry to bring more transparency around cyber events First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-uk-cyber-monitoring-centre/
-
21% of CISOs pressured to not report compliance issues
Tags: awareness, breach, business, ceo, ciso, compliance, control, corporate, cybersecurity, data, dora, finance, framework, governance, incident response, infrastructure, insurance, law, nis-2, regulation, resilience, risk, security-incident, trainingCISOs are increasingly getting caught between business pressures and regulatory obligations, leaving them struggling to balance corporate loyalty and legal accountability.To wit: One in five (21%) security leaders have been pressured by other executives or board members not to report compliance issues at their companies, according to a recent study by security vendor Splunk.The same…
-
What 2025 HIPAA Changes Mean to You
Tags: access, application-security, authentication, breach, business, cloud, compliance, control, cybersecurity, data, encryption, healthcare, HIPAA, identity, incident response, insurance, law, mfa, monitoring, nist, office, penetration-testing, privacy, risk, risk-analysis, service, strategy, threat, tool, vulnerabilityWhat 2025 HIPAA Changes Mean to You madhav Tue, 02/04/2025 – 04:49 Thales comprehensive Data Security Platform helps you be compliant with 2025 HIPAA changes. You are going about your normal day, following routine process at your healthcare organization, following the same business process you’ve followed for the last twelve years. You expect Personal Health…
-
HIPAA Cybersecurity Requirements and Best Practices
The Health Insurance Portability and Accountability Act (HIPAA) mandates a stringent framework for protecting sensitive patient information. These standards form the foundation of cybersecurity measures within the healthcare sector, ensuring… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/hipaa-cybersecurity-requirements-and-best-practices/
-
Globe Life Ransomware Attack Exposes Personal and Health Data of 850,000+ Users
Globe Life Inc., a prominent insurance provider, has confirmed a major data breach that exposed the personal and health-related information of over 850,000 users. The company disclosed the incident in a recent filing with the U.S. Securities and Exchange Commission (SEC), reporting that the breach resulted from an extortion attempt by an unknown threat actor.…
-
Insurance Company Globe Life Notifying 850,000 People of Data Breach
Insurance firm Globe Life says a threat actor may have compromised the personal information of roughly 850,000 individuals. The post Insurance Company Globe Life Notifying 850,000 People of Data Breach appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/insurance-company-globe-life-notifying-850000-people-of-data-breach/
-
Texas AG warns Kia about sharing driver information with data brokers
Texas told the auto manufacturer Kia America that it is violating the state’s new data privacy law because it allegedly sells sensitive driver information to third parties without informing consumers that the data can be used to hike their insurance premiums. First seen on therecord.media Jump to article: therecord.media/texas-warns-kia-about-sharing-driver-info-to-data-brokers
-
National security risks in routers, modems targeted in bipartisan Senate bill
A separate piece of bipartisan Senate legislation would create a cyber insurance working group. First seen on cyberscoop.com Jump to article: cyberscoop.com/routers-modems-national-security-risks-senate-bill/
-
US takes aim at healthcare cybersecurity with proposed HIPAA changes
Tags: access, authentication, best-practice, breach, compliance, control, csf, cyber, cyberattack, cybersecurity, data, defense, detection, dora, encryption, finance, framework, government, group, healthcare, HIPAA, incident response, infrastructure, insurance, intelligence, jobs, law, malware, mfa, network, nist, penetration-testing, phishing, privacy, ransom, ransomware, regulation, resilience, risk, security-incident, service, skills, technology, threat, tool, update, usa, vulnerability, vulnerability-managementThe US Department of Health and Human Services (HHS) has launched a consultation on stricter rules for the safeguarding of electronic health records.The proposed revamp of security rules covered by the Health Insurance Portability and Accountability Act (HIPAA) is designed to address the increased risk from cyberattacks such as ransomware against healthcare environments.The revamped rules…
-
American National Insurance Company data likely stolen in MOVEit hack exposed
First seen on scworld.com Jump to article: www.scworld.com/brief/american-national-insurance-company-data-likely-stolen-in-moveit-hack-exposed
-
Change Healthcare Now Counts 190 Million Data Breach Victims
Cost of Attack Has Reached $3.1 Billion for Parent Company UnitedHealth Group. One of the biggest data breaches of 2024 is even worse than previously reported, as the tally of Change Healthcare breach victims has now reached 190 million individuals, and costs tied to the attack $3.1 billion, according to its owner, U.S. health insurance…
-
Everything is connected to security
Joe shares his recent experience presenting at the 32nd Crop Insurance Conference and how it’s important to stay curious, be a forever student, and keep learning. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/everything-is-connected-to-security/
-
Alarmierender Anstieg der Schwere und Häufigkeit von Cyberschäden
KnowBe4 gab die Veröffentlichung eines detaillierten Forschungspapiers mit dem Titel bekannt. Die Studie befasst sich mit der immer wichtiger werdenden Schnittstelle zwischen Cybersicherheit und Versicherung und untersucht die sich ständig weiterentwickelnde Bedrohungslandschaft, mit der Unternehmen weltweit konfrontiert sind. Da die digitale Infrastruktur für den Geschäftsbetrieb immer wichtiger […] First seen on netzpalaver.de Jump to article:…
-
Midsize firms universally behind in slog toward DORA compliance
Tags: ai, business, ciso, compliance, cybersecurity, dora, finance, germany, insurance, intelligence, monitoring, resilience, risk, service, skills, technology, toolBeginning Friday, Jan. 17, all EU financial institutions are now required to operate in compliance with the Digital Operational Resilience Act (DORA). The EU directive aims to increase cybersecurity in the financial industry. However, studies show that many companies are still struggling with implementation.According to a November 2024 survey from metafinanz, the average level of…
-
How a Global Insurer Protects Customer Data Achieves Compliance With DataDome
Discover how a global insurance leader leverages DataDome to protect endpoints from sophisticated bots, achieve GDPR compliance, block brute-force attacks, and gain actionable threat insights. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/how-a-global-insurer-protects-customer-data-achieves-compliance-with-datadome/
-
Personal liability sours 70% of CISOs on their role
Tags: breach, business, ceo, ciso, control, corporate, cybersecurity, group, insurance, jobs, ransomware, risk, technologyWith legal accountability tightening around those charged with maintaining enterprise cybersecurity, security leaders appear to be increasingly frustrated with their roles, eyeing the exit, and hesitant to pursue CISO gigs in the future. More than two thirds (70%) of CISOs recently surveyed said that “stories of CISOs being held personally liable for cybersecurity incidents has negatively…
-
12 cybersecurity resolutions for 2025
Tags: advisory, ai, api, attack, awareness, breach, business, ceo, chatgpt, china, ciso, communications, control, crowdstrike, cyber, cyberattack, cybersecurity, data, data-breach, deep-fake, defense, detection, email, identity, insurance, jobs, law, malicious, phishing, ransomware, risk, risk-assessment, risk-management, strategy, supply-chain, technology, threat, tool, training, vulnerabilityAs cyber threats continue to evolve, CISOs must prepare for an increasingly complex threat landscape. From dealing with AI-driven attacks to managing changing regulatory requirements, it’s clear that 2025 will be another big year for CISOs.But staying ahead requires more than just implementing the next cutting-edge set of tools or technologies. It demands a shift…
-
Massive healthcare breaches prompt US cybersecurity rules overhaul
The U.S. Department of Health and Human Services (HHS) has proposed updates to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to secure patients’ health data following a surge in massive healthcare data leaks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/massive-healthcare-breaches-prompt-us-cybersecurity-rules-overhaul/
-
How to Get the Most Out of Cyber Insurance
Cyber insurance should augment your cybersecurity strategy, not replace it. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/get-most-out-cyber-insurance
-
HIPAA to be updated with cybersecurity regulations, White House says
The Biden administration is proposing an overhaul of the data security rules under the landmark Health Insurance Portability and Accountability Act (HIPAA).]]> First seen on therecord.media Jump to article: therecord.media/hipaa-cybersecurity-regulations-update
-
422,000+ Impacted in American Addiction Centers Cybersecurity Incident
American Addiction Centers (AAC) has announced that nearly half a million individuals had their personal and health-related information exposed following a cyberattack in September 2024. The American Addiction Centers cyberattack, which compromised sensitive data such as Social Security numbers and health insurance information, affected a total of 422,424 individuals. First seen on thecyberexpress.com Jump to…
-
Nearly half a million people had data stolen after cyberattack on American Addiction Centers
The company began mailing out breach notification letters ahead of the Christmas holiday, warning 422,424 people that Social Security numbers and health insurance information were among the data leaked during the attack. ]]> First seen on therecord.media Jump to article: therecord.media/data-breach-american-addiction-centers
-
7 biggest cybersecurity stories of 2024
Tags: access, ai, alphv, at&t, attack, authentication, breach, business, china, cio, ciso, citrix, cloud, credentials, crowdstrike, crypto, cyber, cybercrime, cybersecurity, data, data-breach, deep-fake, detection, email, espionage, exploit, extortion, finance, google, government, group, hacking, healthcare, incident response, infection, insurance, intelligence, international, jobs, lockbit, malicious, malware, mandiant, mfa, microsoft, network, nis-2, north-korea, office, phishing, phone, privacy, ransomware, regulation, risk, risk-management, scam, service, software, strategy, tactics, technology, threat, ukraine, update, vulnerability, windowsCybersecurity headlines were plenty this year, with several breaches, attacks, and mishaps drawing worldwide attention.But a few incidents in particular had far-reaching consequences, with the potential to reshape industry protections, shake up how vendors secure customers’ systems, or drive security leaders to reassess their strategies.Longer-term trends such as increased cybersecurity regulations and the impact of…
-
How two organizations beat the cyber insurance maze
First seen on scworld.com Jump to article: www.scworld.com/resource/how-two-organizations-beat-the-cyber-insurance-maze
-
Regional Care Data Breach Impacts 225,000 People
Healthcare insurance firm Regional Care has disclosed a data breach impacting more than 225,000 individuals. The post Regional Care Data Breach Impacts 225,000 People appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/regional-care-data-breach-impacts-225000-people/
-
Key strategies to enhance cyber resilience
Tags: attack, awareness, backup, banking, breach, business, ceo, compliance, control, crowdstrike, cyber, cybersecurity, data, finance, government, group, healthcare, incident, incident response, infrastructure, insurance, metric, network, phishing, programming, ransom, ransomware, resilience, risk, security-incident, service, skills, software, strategy, supply-chain, technology, threat, training, update, vulnerability, windowsThe faulty CrowdStrike software update that triggered IT outages on a global scale in July was a sobering reminder of the importance of incident response and business continuity plans.The update caused more than eight million Windows devices to crash and take down with them airline reservation systems, hospital and government services, financial and banking applications…