Home | Print Page | Contact Us | Sign In | Join the PIA
Weekly Industry News
Blog Home All Blogs
PIA Western Alliance knows you want to be the best in the field, and the best way to stay on top is to stay informed. PIA Weekly Industry News Brief is an informative e-news brief that delivers the most relevant industry content.


Search all posts for:   


Top tags: Insurance Content  Weekly Industry News  Insurance Industry  Insurance News  Around the PIA Western Alliance States  ObamaCare  The Affordable Care Act  Healthcare  HealthCare.gov  Cyber Security  PIA Western Alliance  Cyber Breach  Cyber Insurance  Employment  jobs  wildfires  flood insurance  AIG  work  Flood  Millennials  Employees  PIA  business  Millennials & Insurance  Pia National  Taxes  E&O  Insurance  MetLife 

Cyber Attacks — Consumers Want More from Insurance

Posted By staff reporter, Tuesday, February 12, 2019

Consumers want more insurance help with their cyber woes, and potential cyber woes. The why is easy. From automobiles to interconnected homes, just about every aspect of people’s lives are impacted by technology, and that technology is a sieve and easy for hackers to access.

Take automobiles for example. Asaf Ashkenazi of the software company Inside Secure said hackers can use connectivity to access private information and can even use it to steal the car. “The worst-case scenario is that they can completely take over and control anything in your car, from the brakes to the steering wheel,” he said. “The scariest scenario is that you're driving and they make your car crash.”

Then there’s the loss of personal records. The Identity Theft Resource Center’s 2018 End of Year Data Breach Report said 447 million consumers had their personal records compromised last year. That is a 126% increase from 2017.

What’s ironic is the total number of data breaches in 2018 fell by 23%.

Paul Robinson of GreyCastle Security said, “It’s very difficult now to avoid these attacks, even if you're taking the precautionary measures, such as managing your bank account and things of that nature. Now please do that, don't neglect watching your accounts and keeping an eye on your medical records, but the horse has left the barn per se.”

Assurant’s new study, The Connected Now says the connected lifestyle isn’t connecting with everybody. This is where insurance might be helpful. More on that in a bit.

The risk management firm said like it or not, nearly 40% of consumers identify themselves as technophobes. They own an average of 1.3 connected products. These range from smartphones and computers to equipment to manage things in the home.

Those same people — or 78% of them — worry about ID theft and the compromising of their personal information. They point that worried finger at interconnectivity — connectivity they are not that happy with.

Yet, 69% do admit this technology makes their lives easier. 

This is where insurance has an opportunity to shine. Parks Associates — an Internet of Things marketing and consulting company — said its research finds that 40% to 50% of households with access to broadband Internet want additional insurance services.

Parks Associates said this applies to those who own their homes and those renting.

Of those interested, 35% want insurance services that are proactive and that communicate the potential risk of the smart devices in their homes. They want to be updated and warned ahead of time.

Parks Associates spokesman Brad Russell said the insurance they want will take care of the restoration of those services and repair their home after the damage occurs.

“A restoration service that repairs damage is the most appealing service among insured households, but there is strong interest in proactive services, which would be enabled by smart home devices and AI capabilities to detect and prevent risk situations,” he said.

And he noted that advances in technology now let the insured and the insurer connect and interact more easily than ever. “Connected devices are reshaping the way consumers think about many traditional services and how they interact with their service providers,” he added. “These trends in consumer expectations, combined with the wealth of data derived from IoT solutions, are opening significant market opportunities for the insurance industry.”


Source links: PropertyCasualty360.com, USA Today, WHEC-TV, Insurance Business America

Tags:  cyber breach  Cyber Security  insurance content  insurance news 

Share |
PermalinkComments (0)

Special Report: The Cyber Security Challenge

Posted By Staff reporter, Tuesday, February 5, 2019

A new report from Accenture is frightening. Another one from the Defense Department and the Pentagon is even more frightening than Accenture’s.

The Accenture report is titled Securing the Digital Economy: Reinventing the Internet for Trust. It found 75% of the CEOs think the only solution to the cyber challenges faced by all of us is cross-industry coordination.

Worse, Accenture believes in the next five-years companies worldwide will lose $5.2 trillion from cyber attacks.

  The highest risk is the high-tech industry with $753 billion at stake

  Life sciences has $642 billion at risk

  The automotive industry has $505 billion

“Internet security is lagging behind the sophistication of cybercriminals and is leading to an erosion of trust in the digital economy,” company spokesman Omar Abbosh said. “Strengthening internet security requires decisive — and, at times, unconventional — leadership by CEOs, not just CISOs.

To become a cyber-resilient enterprise, companies need to start by bringing CISOs’ expertise to the board, ensuring security is built-in from the initial design stage and that all business managers are held responsible for security and data privacy.”


Here’s more from the report:

 •  79% say the advancement of the digital economy will be stall or slow down if dramatic improvement in internet security is not made

  59% say the internet is growing increasingly unstable

  That same 59% say they are not sure how to respond to that instability

  56% say they would welcome stricter business regulations to fix the problem


 PIA Members can take Cyber 101 Webinars no charge

PIA Western Alliance Members can take our Cyber 101 Webinar Classes at no charge!

Click the banner to sign up, today!

In the U.S. the Defense Department — via spokesman Robert Behler — said it cannot adequately defend itself against cyber attacks. The Government Accountability Office (GAO) agrees. Spokeswoman Cristina Chaplain said the military has not been able to secure weapons systems that cost billions to build.

“DOD testers routinely found mission-critical vulnerabilities in systems under development, and in some cases, repeatedly over the years,” she said.

One of the problems with cyber security is the lack of cyber experts to do battle with the bad guys. In the U.S. between September of 2017 and August of 2018, there were 314,000 job postings. Even though most earn something like $95,000 a year on average, job openings stay open.

The National Initiative for Cyber Security Education says if all were filled that would pump up the number of pros battling cyber criminals by 40%. That’s a workforce of 714,000.

Worldwide, (ISC)2 says there are close to three million cyber security jobs open.

In addition to not being able to find experts, current polling says that 43% of organizations around the world fail to adequately do security training.

Worse, universities — 85% of them — have cyber security graduate or undergraduate degrees. However, their more diversified and attractive computer science programs do not offer even one cybersecurity course.

Business and government are continuing to explore options. One idea is a Cybersecurity Peace Corps. The proposal is the same idea as the original Peace Corps and will develop and train people to do cybersecurity jobs. It will require an act of Congress to establish.

Meanwhile, community colleges are now offering boot camps — of sorts — to train people in key skills. 

Whether all this training comes fast enough to avoid the trillions that will be lost in the future to cyber criminals is anybody’s guess. What we all can — however — agree upon is that there is a definite need for action.


Source link: Insurance Business America, PropertyCasualty360.com, Tech Crunch

Tags:  cyber breach  Cyber Insurance  Cyber security 

Share |
PermalinkComments (0)

What's keeping your bosses up at night?

Posted By Staff Reporter, Tuesday, December 4, 2018


Many of you are officers of your company. What is your main worry? Cyber attack? Probably. Another worry? Regulatory claims that involve you and your directors and officers insurance.

Willis Towers Watson’s sixth annual D&O: Personal Exposure to Global Risk checked in with 161 directors and officers about cyber attacks and other subjects, and found 44% have experience a significant or sizable data loss in past year.

A year ago that figure was 24%.

The other top risks:



  Health and safety legislation

  Criminal and regulatory fines


This is where D&O comes into play:

  43% of large employers experienced a regulatory claim involving a director in the last year

  38% of all companies surveyed reported the same thing

  60% say company behavior is being changed because of a focus by regulators on personal accountability of directors and officers


The Willis Towers Watson report said many company leaders wonder whether a D&O policy will be able to respond to claims in all jurisdictions. That led to worries about:

  How claims against directors and officers will be controlled and settled

  A broad definition of who is insured in clear, easy to follow policy terms

  Whether there is coverage for the cost of advice in the beginning of an investigation


Source link: Business Insurance

Tags:  boss worries  company officers  cyber attack  Cyber Breach  insurance content  insurance industry  insurance news  weekly industry news 

Share |
PermalinkComments (0)

News on the Cyber Front — Still Not Pretty

Posted By Joey Leffel, Tuesday, August 28, 2018


In a new report, A.M. Best and Guidewire’s Cyence Risk Analytics is worried about cyber insurance and cyber insurers. In a new report, the two companies said three of the top-20 cyber insurance providers could face “meaningful to significant gross losses” from a single-event cyber catastrophe.

In the special report Cyber Insurance Market: Stress Testing the Future, Fred Eslami said when looking at the estimated policyholder surplus in 2022, those losses could hit 15% to 119%.

“For the majority of these companies, even the gross losses do not come close to the natural catastrophe probable maximum loss estimates used for stressing the balance sheet strength of the companies,” he said. “However, under these circumstances, a handful of companies could lose a significant amount of surplus, which potentially could create ratings pressure or even trigger a downgrade.”

The report looks at two scenarios:

  Several cloud-based servers fail and widespread service and business interruptions follow

  A common software application gets compromised leading to a global attack

In another report, Gallagher said healthcare providers are the most vulnerable to hacking attacks. They happen regularly and leave the data of hundreds of thousands of people at the mercy of the cyber hackers.

Bloomberg said the average breach of a healthcare system costs more than $400 per patient. The news organization also found that just 33% of healthcare departments have defenses set up for a breach.

Gallagher’s white paper on the subject said there are six things these organizations can do to improve their security:

  Anti-virus and malware prevention




  PCI DDS compliance

  Employee awareness and training

Gallagher’s Adam Cottini said the first and most important thing these organizations need to do is comply with HIPPA regulations and standards that say individual medical data must be protected.

“The HIPPA regulation has been around for a long while and the healthcare industry is tuned into the privacy requirements. Where the challenge comes is with the advancement of technology and how new technology exacerbates the vulnerabilities in the healthcare space relative to protecting and securing information,” Cottini said.

Once the privacy requirements are in place then cyber security priorities must be addressed. “Cyber security doesn’t seem to rise to the same level of priority as other areas of security, but the statistics clearly show that phishing and social engineering is a major driver of a lot of the cyber events that are happening these days, which is why we believe organizations have to continuously drive down on employee training and awareness,” Cottini noted.

The point of Gallagher’s white paper is to raise awareness.

NAS Insurance agrees with some of Gallagher’s conclusions. In its 2018 Cyber Claims Digest, NAS suggests negligent employees and third-party service providers are a common thread when it comes to cyber attacks upon healthcare providers.

Jeremy Barnett of NAS said the most common form of attack to these organizations from this carelessness is ransomeware. “The methods used for ransomware attacks are becoming more sophisticated. Spam email remains a tried and true method: one in six spam email messages comes bundled with ransomware. However, in 2017, criminals also tended to target specific companies,” he said.

From there things get worse.

“Between 2016 and 2017, there was a 152% increase in ransomware as a cause of loss for healthcare cyber claims,” Barnett noted. “The threat is typically to divulge or destroy information, to insert malicious code into a computer system or to damage, destroy or prevent access to a computer system. The monetary demand varies in both amount and the currency: the demand might seek payment in American dollars, a foreign currency or a cryptocurrency.”

While healthcare providers are lagging behind, data analyst FICO said other industries are catching up and those with cyber insurance rose between 2016 and 2017. From 2017 to 2018 those with no cyber security insurance at all fell from 50% to 24%. However, 32% of the nation’s larger companies have adequate cyber insurance.

Many of those are in healthcare.

FICO VP for cyber security solutions Doug Clare said, “Given the number of large-scale and very public breaches in recent years, it’s not surprising that we’ve seen a big increase in US organizations investing in it over the past 12 months, but there’s still some way to go. As the insurance market matures and the litigation and fines increase we expect more firms will also go beyond basic coverage to seek insurance that is more comprehensive.”

And back to healthcare companies. The FICO survey found 70% of them do not have cybersecurity insurance. Just 10% of financial service firms do not have cyber insurance.

Source links: Insurance Business America — link 1, link 2, link 3, Carrier Management

Tags:  cyber breach  cyber insurance  Cyber Security  PIA Cyber Insurance 

Share |
PermalinkComments (0)

Who has Cyber Insurance? Not that Many

Posted By Administration, Tuesday, June 6, 2017


A new survey by the research firm Ovum says 50% of U.S. businesses don’t have cyber risk insurance. Just 16% of the 100% have full coverage. The survey was done for the analytics company FICO and it also found 27% of that 50% say their companies have no plans to purchase said insurance.

Ironically — and dangerously — 61% say they expect cyber attacks increase in the next year.

The survey found U.S. companies lag in cyber coverage when compared to Canada and the United Kingdom. The report says 40% of firms report no cyber coverage in those countries.

And why? Mistrust of insurance pricing is what most say.

The survey is wide-ranging. It connected with 350 c-suite executives and senior security officers. They come from sectors like:

  Financial services





  Media service providers

Company sizes:

  30% have 500 to 1,000 employees

  28% have 1,001 to 4,999 employees

  17% have 5,000 to 9,999

  25% have more than 10,000

Bob Shiflet of FICO said the Ovum survey finds U.S. healthcare to be father behind than most when it comes to cyber insuring. None of those surveyed in healthcare have insurance that covers all risks and 74% had no insurance at all. Shiflet said this is troubling but some of that must be laid at the feet of the insurance industry.

“There are steps the insurance industry can take to make guidelines clearer and explain premium adjustments, but companies need to be willing to dedicate the resources required to protect themselves from the breaches they themselves see as likely, if not inevitable,” Shiflet said.

Cost and lack of clarity from the industry is problematic:

  Just 25% of those responding think premiums reflect their risk profile

  Only 23% think the insurance industry is clear and transparent in its approach to pricing

  29% of the executives think insurers need clear guidelines about how premiums are chosen

  28% want clearer communications on why premiums are adjusted when that happens

  23% want insurers to introduce a standard for benchmarking cyber risk

Hiscox did a similar survey that said 55% of U.S. firms have taken out cyber insurance but these businesses are — as with the Ovum survey — confused about what cyber coverage actually entails and what is protected.

For those who don’t have cyber insurance:

  26% do not plan to purchase

  41% said cyber insurance policies are not relevant to their business

  17% say they have no plans to take out insurance — ever — and agreed with this statement: Cyber insurance policies are so complicated — I don’t understand what cyber insurance would cover me for.

Deloitte also did a survey that found buyers just don’t understand cyber risks or options for insurance. And all — the report found — want standardized policies. “Similar cyber insurance products offered by different providers often include alternative features, which makes it difficult for buyers to compare policies by value and price,” the report said.

Deloitte also outlined steps similar to those of Ovum for insurers to take:

  Standardize policy language

  Develop a risk-informed model rather than a definitive predictive model for cyber risks

  employ more targeted underwriting by industry or exposure

  Offer more holistic cyber risk management programs

RAND Corporation did a different report and hit the real nail on the head. Companies — it found — just don’t see cyber insurance as a good investment. The typical cost of a breach according to RAND is $200,000 which means an event will cost a company about 0.4% of annual revenues.

Sasha Romanosky of RAND put it in perspective. “Relative to all the other risks companies face, the cyber risks often aren’t as big a deal as we think. It may be bad for you if you are the victim, but it doesn’t change the behavior or strategy of a company. Like you and me, companies are self-interested and operate in ways that minimize their costs. You can’t begrudge them for working that way,” Romanosky said.

Ponemon seriously disagrees with RAND’s conclusions. It’s report from May of 2014 found the average data breach costs something like $3.5 million for super-sized companies.


Source link: Insurance Journal

Tags:  Cyber Breach  Cyber Insurance  Cyber Security  Insurance Content  Insurance Industry  Insurance News  Weekly Industry News  Who has Cyber Insurance? Not that Many 

Share |
PermalinkComments (0)

Update: WannaCry — Most Would Pay

Posted By Administration, Tuesday, June 6, 2017

Carbon Black surveyed 5,000 U.S. consumers about their trust in corporations for keeping their data safe. Part of the questioning involved the WannaCry ransomware virus. The crisis a few weeks ago in 150 countries is the first most had heard of ransomeware. That’s odd because ransomeware has been a problem for a decade or more.

What is most surprising is the number of people who’d pay the ransom if it happened to them:

  52% said they’d pay the ransom if their computer or data is taken hostage

  Only 12% said they’d pay $500 or more

Experts are advising people to be prepared. Verizon did a report in 2014. Then ransomeware was the 22nd most common form of malware. Today it is number-five. The quick-buck approach to profits means it could even rise above that point in the future.

As for the rest of the world. Financial institutions and healthcare providers are trusted by about 70% of us. But only 52% trust retailers.

Consumers — overall — think the responsibility of keeping their data safe lands at the feet of the individual business. They do not believe it is the responsibility of cybersecurity vendors, software vendors and providers like Microsoft, Apple and Google and government agencies like the FBI, NSA and CIA to keep their data safe.


Source link: BizReport

Tags:  Cyber Breach  Cyber Insurance  Cyber Security  Insurance Content  Insurance Industry  Insurance news  Special Report: The WannaCry Virus Aftermath  Update: WannaCry — Most Would Pay  virus  Weekly Industry News 

Share |
PermalinkComments (0)

Update: WannaCry Virus and More

Posted By Administration, Tuesday, May 30, 2017

Experts are still trying to find out who launched the WannaCry ransomware attack a couple of weeks ago. Researchers at cyber security firms Symantec and FireEye say evidence they’ve uncovered says the attack came from North Korea’s hacking group Lazarus.

Ben Read of FireEye said, “The shared code likely means that, at a minimum, WannaCry operators share software development resources with North Korean espionage operators.”

North Korea denies involvement.

The WannaCry virus and other recent ransomware attacks has impacted insurance. And that impact is both negative and positive.

Aon Benfield and Beazley did a study of ransomware attacks. It is titled Aon Benfield’s Cyber Update: 2016 Cyber Insurance Profits and Performance and the study found the number of ransomware attacks quadrupled from 2015 to 2016. In their report, Aon researchers Jon Laux and Craig Kerman said this has led cyber insurers to see a jump in the loss ratio to 57.7. That’s a 16% rise from 2015.

On the other side of the coin, the study found cyber insurance premiums grew roughly 30% to $1.34 billion between 2015 and 2016

“For insurers providing cyber insurance, these results illustrate the potential for both extremely good and extremely bad underwriting outcomes, and underscore the importance of managing limits,” they wrote.

Aon Risk Solutions Senior Vice President Jim Trainor also commented on the study. He said it includes data from 138 insurers in the U.S. “One of the challenges of cyber is that it is a very complex environment. Bad actors use and exploit infrastructure both in and out of the United States. A lot of groups who conduct such criminal activity don’t reside in the U.S. This makes it increasingly challenging for both government and companies to protect themselves because those attacking them don’t actually reside in the locations in which they operate,” he said.

Ken Crerar of the Council of Insurance Agents and Brokers said the CIAB has released its current cyber study. The Council of Insurance Agents & Brokers’ Cyber Insurance Market Watch Survey said clients are now more up to speed on the type — and how much — insurance they need. The conclusion is insurers selling cyber insurance can, and should, anticipate growth in policy purchases.

Other survey conclusions:

  32% have purchased at least some form of cyber coverage

  In the last six-months 27% purchased that insurance for the first time

  44% increased coverage in the last six-months

  76% with cyber insurance have stand alone policies

“As brokers become more experienced with cyber exposures, they are growing their knowledge of this new breed of risk. This is a good sign, as brokers play an increasingly crucial role in both cyber risk mitigation and post-event response. The globally-launched WannaCry/WannaCrypt ransomware file encryption exploit is a prime example. Brokers are actively advising clients on the preventative steps to take now to increase the chance of escaping the virus, which has infected hundreds of thousands of systems,” Crerar said.

And on those preventative steps, James Gow — the senior vice president of the Property & Casualty Practice at Corporate Synergies — said a big part of the problem business has with ransomware attacks is uneducated employees and suggests employers set up an education program. It should contain:

  Instructions for employees to regularly change their passwords for software, email and other programs.

  A standard framework on how information is shared within the company.

  A policy for how sensitive information is asked for and given. Not everyone in the company needs to have sensitive information.

  An employee identification policy.

  A safe document management system and disposal services.

  Regular employee testing on security policies to make sure they understand social engineering and hacking scams so confidential and sensitive information is not handed out.

Two last items. The electronic signature service DocuSign has admitted that hackers gained temporary access to its database. It contained the email addresses of customers which is why there was a surge in phishing emails sent to DocuSign users. Those emails encouraged recipients to open a Microsoft Word doc that contained malicious software.

If you are a user, updates on the hack are available by clicking here.

And last. Target has settled its multistate hack from Christmas of 2013 for $18.5 million. In December of that year and January of 2014, over 40 million credit and debit card users had their information stolen. 


Source links: PropertyCasualty360.com — link 1, link 2, Insurance Business America — link 1, link 2, Insurance Journal

Tags:  Cyber Breach  Cyber Insurance  Insurance Content  Insurance Industry  Insurance News  Special Report: The WannaCry Virus Aftermath  Update: WannaCry Virus and More  virusCyber Security  Weekly Industry News 

Share |
PermalinkComments (0)

Scammers Scamming Insurance Call Centers

Posted By Administration, Tuesday, May 30, 2017

Cyber attacks are problem enough but insurers are also now targets for call center fraud. Pindrop is a telephone security firm and it finds, believe it or not, these people are successful.

The process — by the way — now has a name. It’s “social engineering” says Pindrop’s David Dewey as he commented to Insurance Business America about his company’s report called the 2017 Call Center Fraud Report.

It found insurers are taking huge hits from phone fraud. Life insurance policies and policies for mobile phones are the most targeted. Dewey said:

  One in every 12,000 calls to life insurers is fraudulent and of those 20% are successful

  One in every 200 calls for mobile devices is fraudulent and 20% of those are successful

The problem is centered in the sheer volume of calls. Determining who is the real deal among often disgruntled callers is a monumental task.

Dewey said one of the most devious and costly life insurance scams is when a caller tricks the call center employee into giving a loan on a policy or claim some cash from the policy. “And a lot of times these things can go unnoticed for years, because how often do you really look at your life insurance policy? It happens a lot more frequently than we would think,” he said.

How is it possible to scam trained call center employees? Easy, Dewey said. They will target a customer and then do background research on where they live, where they went to school, family connections, what things look like where they live and so on. These are things that might be asked in security questions.

A bunch of correct answers and the call center operator may end up thinking they’re talking to the real person.

“The major failing is in the knowledge-based authentication questions. The problem is they just don’t work. It’s very often that the legitimate customer doesn’t know the correct answers to the questions. And those call centre operators are used to dealing with legitimate customers who don’t know the answers. They’ll oftentimes help them [the customers] work through it,” Dewey said.

The Pindrop report also points out that scammers know all about how automatic phone systems work. They can call again and again and again until they have the answers they need and then can ask for a live phone operator.

“By far, the highest fraud rate of any single industry is seen in the device insurance sector. For companies that provide payments to consumers whose mobile phones are lost or stolen, one in every 194 calls is fraudulent. That rate increased 55% over 2015, when device insurance already had the highest phone fraud rate of any vertical,” the report said.

Dewey said the solution to phone fraudsters is employing phone security technology. That technology often features voice recognition or what Pindrop calls “phone printing” in which the system identifies the phone’s signature.

If that signature doesn’t match what’s on file, then it will let call center employees know that a fraudulent call is in progress. 


Source link: Insurance Business America

Tags:  Cyber Breach  Cyber Insurance  Cyber Security  Insurance Content  Insurance Industry  Insurance News  Scammers Scamming Insurance Call Centers  Weekly Industry News 

Share |
PermalinkComments (0)

Special Report: The WannaCry Virus Aftermath

Posted By Administration, Wednesday, May 24, 2017

In what seems now to be a prophetic move, on May 11th Kansas Insurance Commissioner Ken Selzer put out a list of tips to help businesses and individuals protect themselves from a cyber attack. The next day the WannaCry virus hit the world and demands of $300 or more per user was demanded to release control of a computer back to the user.

According to White House Homeland Security Advisor Tom Bossert, 300,000 people in 150 countries were impacted.

In his news release that went with the list, Selzer said, “It is important that cyber vigilance begins at home. Knowing some common-sense precautions can keep you and your personal information safer.”

Too little, too late.

The Internet research agency Statistica says insurance and the financial sector are very vulnerable. And it put this chart together to show you just how vulnerable your business is:

Who’s affected most by ransomeware and why starting with infections by industry:

  Services — 38%

  Manufacturing — 17%

  Public administration — 10%

  Insurance, finance & real estate — 10%

  Wholesale trade — 9%

The leading cause of those infections:

  Spam/ phishing emails — 46%

  Lack of employee training — 36%

  Malicious websites / web ads — 12%

  Other — 5%

  Lack of security — 1%

Lots of quotes from experts and lots of advice starting with Michael Kaiser — the executive director of the non-profit National Cyber Security Alliance — who put what we all need to do now the best. “It is of utmost importance that cybersecurity ... be a top priority of businesses and organizations large and small,” he said.

Kathy Brown the Internet Society’s president and CEO added, “Law enforcement, IT professionals, consumers, business, and the public sector all have responsibility to act to keep enabling the good that the Internet brings. We have a shared responsibility to collaboratively get this under control.”

How bad is it? Bad. Researchers say 6% of the people of the world have been impacted by this or other malware. Brown said most people are ill-equipped to deal with ransomware and whopping 25% say they have no idea what to do if their computer was attacked.

Fen Osler Hampson is the director of global security at CIGI. He said, “Ransomware attackers have discovered that they don't have to steal or destroy your data to enrich themselves, they just have to hold it hostage. Our survey data shows that many people are willing to pay to get their data back, which makes such attacks highly profitable.”

Dan Burke heads Hiscox USA. His firm’s Hiscox Cyber Readiness Report 2017 checked with 3,000 businesses in the United States, the United Kingdom and Germany. He said it found, “In the US alone, 63% of firms reported experiencing a cyber incident in the past year, and 47% said they had two or more.”

And Burke and the report said those attacks and all cyber crime cost the global economy $450 billion last year. “Larger companies (250+ employees) had a somewhat higher risk, with 72% reporting one or more incidents, compared to 60% of smaller firms (less than 249 employees).”

Kaiser added, “When we see whole systems like the National Health System in the United Kingdom directly targeted, it reinforces how dependent we have become on our data-driven networks.”

Back to Selzer. These are his wise words of wisdom:

  Set strong passwords and don’t share them with anyone. Set them with at least eight characters, including letters, numbers and symbols.

  When using unfamiliar websites, be sure the URL begins with "https." The "s" at the end indicates it is a secure site.

  Keep your operating system, browser, and other critical software optimized by installing updates, including antivirus and anti-spyware updates.

  Maintain an open dialogue with your family, friends and community about Internet safety. Let them know you take it seriously.

  Limit the amount of personal information you post online, and use privacy settings to avoid sharing information widely.

  Be cautious about what you receive or read online — if it sounds too good to be true, it probably is. Also, if a message sounds out of character for the sender, or includes nothing but a link in the body of the email, it may be suspicious. Check with the person who purportedly sent you the message to make sure it is legitimate.

  Cyber attackers often take advantage of current events to conduct "phishing" attacks, where they will attempt to obtain personal information by posing as a trustworthy organization. Verify the legitimacy of the organization’s request by contacting the company by another means.

  Limit the type of business you conduct on public Wi-Fi networks. Don’t do your online shopping from an internet café. Do business with credible companies, and devote one credit card with a small credit line to online purchases.

  Password-protect your smart phone.

  Finally, and maybe most importantly, check your homeowners or identity theft insurance policies for the level of coverage you have in case of a cyberattack on your devices.

“The continual increase in cyber traffic means that home computer networks and smart devices are more vulnerable" than ever. We need to be vigilant in making sure our personal information is kept secure,” Selzer said.

NAS chief underwriter Mike Palotay agreed and said the attack also points out how small and medium businesses are woefully short of cyber insurance. He says these businesses need to take note and get insured.

“This has been an indiscriminate attack. It’s not targeted. You don’t have a hacker behind each attack on each company — it’s really more of an automated thing. It’s basically just spray and pray, really. You’ve got small companies who are experiencing outages and disruptions and having to pay extortions. And then you’ve got FedEx and the National Health Service [in the UK] and a bunch of much larger organizations experiencing problems,” he said.

But the bottom-line, Palotay said is, “Small and medium-sized business are very, very underinsured. The last figures I saw for small businesses that buy cyber insurance were in the single digits. This might be a wake-up call.”

By the way, Microsoft has a malware link to keep you posted on WannaCry. You can access it here.


Source links: PropertyCasualty360.com, Insurance Business America

Tags:  Cyber Breach  Cyber Insurance  Cyber Security  Insurance Content  Insurance Industry  Insurance News  Special Report: The WannaCry Virus Aftermath  Weekly Industry News 

Share |
PermalinkComments (0)

A Big Client Concern: Data Protection

Posted By Administration, Tuesday, April 18, 2017

Big data is a big deal in insurance. It’s become critical for underwriting and rating. That’s not lost on the National Association of Insurance Commissioners (NAIC). The NAIC recently formed its Big Data Task force to look at what needs to be done to protect data from an insurer’s perspective to that of the regulator.

Charles Angell who is the deputy commissioner and chief actuary of the Alabama Department of Insurance is on the task force. He recently told the 2017 Ratemaking and Product Management Workshop of the Casualty Actuarial Society that the task force wants a clear understanding of the data insurers are collecting and how that data is being collected. That will lead to knowing how insurers and third-party insurance operations are using what they collect.

Another issue. Making sure the data collected complies with state insurance laws and regulations and is not being misused.

It’s equally important that consumers know their data is being collected and how they can control some of the availability of that data and how it relates to the cost of their insurance. “How can consumers alter their risk characteristics if they don’t even know what data is collected? Should there be some kind of disclosure notice [required]?” Angell said.

Lastly, the task force wants to make sure the data is properly used to determine potential risk. That leads to questions as to whether automation — and the vendors that develop it — should be examined like the insurance advisory groups that develop loss costs.

In other words, the data collection issue is quite complex. And Angell and the task force are leaning toward creating a consulting team to assist state regulators with technical reviews. “This consulting team would not be a regulator. It would not be approving or disapproving any statistical models. It would simply advise [an insurance department] on any issues it found with the way a model is constructed,” he said.

And Angell said this process will also benefit insurers because all technical objections will be raised and dealt with in a central forum rather than in a bunch of different jurisdictions.

Source link: Insurance Journal

Tags:  A Big Client Concern: Data Protection  Cyber Attacks: An Accelerating Crisis & Now the FI  Cyber Breach  Cyber Insurance  Cyber Security  Insurance Content  Insurance Industry  Insurance News  Weekly Industry News 

Share |
PermalinkComments (0)
Page 1 of 9
1  |  2  |  3  |  4  |  5  |  6  >   >>   >| 

A special thank you to our KKlub Members for their support.