Members of a U.S. House subcommittee got their first look at the Biden administration's new national cybersecurity strategy and quizzed the White House cybersecurity director on the timeline, proposed regulations and incentives for private businesses.
A French law requiring companies to report cyber incidents to authorities within 72 hours or lose their eligibility for cyber insurance reimbursement has practitioners scratching their heads. Global companies with headquarters in France will have the most uncertainty, experts say.
Arctic Wolf has expanded its security operations platform into threat intelligence, incident response and cyber insurance, says CEO Nick Schneider. The company has focused on putting businesses in the best possible position to answer questions from insurance carriers following a security incident.
The constant threat of cyber attacks can create a challenging situation for organizations looking to effectively prioritize their defenses with limited resources.
Watch this webinar diving into a recent study highlighting the 14 BitSight analytics that are significantly correlated with cybersecurity incidents.
Premiums for cyber insurance have climbed sharply along with global rates of ransomware. But signs of increased competition and capital inflows suggest the cyber insurance market may be softening, Marsh executive Sarah Stephens told a U.K. parliamentary committee.
A periodic stress test assessment of U.K. insurers by the Bank of England found underwriters mostly withstood extreme cyber events. Still, underwriters may not be operating from the same set of assumptions when it comes to the likelihood of having to manage an actual extreme cyber event.
Valuations are down, some companies have left the market altogether, and some even have announced deep rounds of layoffs. Yet, Alberto Yépez of Forgepoint Capital retains optimism for the cybersecurity marketplace in 2023 and says now is the ideal time to be ramping up investments in innovation.
In this episode of "Cybersecurity Unplugged," David Derigiotis of insurtech Embroker discusses the complex world of cyber liability insurance, including the collapse of crypto exchange FTX, recent breaches, and improvements in the cyber insurance industry.
An Ohio software developer that attempted to use business insurance to pay for a 2019 ransomware attack was stymied by the Ohio Supreme Court. The justices unanimously decided for Owners Insurance Company against greater Dayton-based EMOI, writing that the developer didn’t experience physical loss.
Cookie and cracker giant Mondelez International settled litigation launched in 2018 against Zurich Insurance after the underwriter denied a claim for property damages stemming from the NotPetya malware wave. Similar litigation initiated by pharmaceutical giant Merck against its insurers continues.
The Department of Treasury and the Cybersecurity and Infrastructure Security Agency are soliciting comments on whether risks to critical infrastructure from a catastrophic cyberattack - and the concurrent potential for ruinous financial exposure by insurers - should lead to a new federal approach.
Coalition has secured $250 million on a $5 billion valuation to grow in the United Kingdom and accelerate its executive risk coverage business. The money will allow Coalition to push beyond the United States and Canada into the U.K. by the end of 2022 and cover additional executive risk segments.
How can companies make their cybersecurity posture more transparent to stakeholders? That's a question being asked by both boards of directors and potential investors, says Stephen Boyer, founder and CTO of BitSight. He discusses the impact of new regulations and guidance from agencies.
Crum & Forster CISO Chris Holden has helped organizations respond to many breaches over the years, and through this experience he has developed an excellent sense of who companies should call first and have on their response team if they suspect that a security incident has taken place.
Cyber insurance is getting much tougher to obtain, and coverage for security incidents is not guaranteed even when policies are issued, says attorney Steven Teppler, chair of the privacy and cybersecurity practice of law firm Sterlington PLLC.