Home | Print Page | Contact Us | Sign In | Register
Weekly Industry News
Blog Home All Blogs
PIA Western Alliance knows you want to be the best in the field, and the best way to stay on top is to stay informed. PIA Weekly Industry News Brief is an informative e-news brief that delivers the most relevant industry content.

 

Search all posts for:   

 

Top tags: Insurance Content  Weekly Industry News  Insurance Industry  Insurance News  Around the PIA Western Alliance States  ObamaCare  The Affordable Care Act  Healthcare  HealthCare.gov  Cyber Security  PIA Western Alliance  Cyber Breach  Cyber Insurance  Employment  jobs  wildfires  flood insurance  AIG  work  Flood  Millennials  Employees  PIA  business  Millennials & Insurance  Pia National  Taxes  E&O  Insurance  MetLife 

A Frightening Cyber Security Statistic — Under-Staffed Staffs

Posted By Staff reporter, Tuesday, April 2, 2019

ISACA is a global group that helps individuals and businesses with technology issues like cyber security. It just did some research on the problem of finding cyber security professionals to assist with the defense of a company’s data bases and other information.

 

The results are frightening.

 

A whopping 69% of the security people quizzed said the lure of more pay other places makes it very, very difficult to keep personnel. That same issue also makes it difficult to find people to work in the cyber security endeavors of the company.

 

As a result:

 

  69% say they are understaffed

  57% say they offer increased training as an incentive to stay

  But 82% say most leave for other companies offering higher salaries, bonuses and promotions

  58% say — as a result — they have unfilled positions

 

ISACA’s board chairman Rob Clyde said, “We’re in a highly fluid environment where organizations are increasingly challenged by competitive forces. Creative and competitive retention efforts are more important than ever in the current environment, and organizations should make it a priority to identify ways to boost their cyber security teams.”

 

By the way:

 

  Just 45% of the females responding think men and women have an equal shot at advancement

  That’s down from 51% a year ago

  Less than half of the cyber security organizations polled have a gender diversity program

 

Source link: Digital Insurance

 

 

Tags:  Cyber insurance  Cyber Security  insurance content 2019 

Share |
PermalinkComments (0)
 

Cyber Criminals Take an Easy Path — Small Business

Posted By Kim Legato, Tuesday, March 26, 2019

Chubb just released a study that is setting off alarms in the small business community. Cyber criminals are increasingly switching targets. Where they used to focus on large corporations and government, they are now finding small business to be much more fertile territory.

Spokesman Patrick Thielen — the senior president of Chubb’s financial lines — said the report looks at the new types of ransomware that blocks businesses from accessing their own networks until a ransom is paid.

“Cyber criminals typically don’t target specific small businesses, but they increasingly use tools that target their vulnerabilities. Those vulnerabilities are at times technical, like unpatched software or poorly configured hardware,” he said. “But even more common are those vulnerabilities involving employees who may use weak or compromised passwords, or may inadvertently click something they shouldn’t have.”

These are the cyber claims reported to Chubb last year:

  21% of cyber incidents are phishing

  20% due to errors

  14% came from hacking

Chubb’s head of North American claims is Anthony Dolce. He agrees with Thielen and says businesses need to be aware. And more importantly — small business needs to take preventative steps.

“Cyber criminals know that SME leaders may mistakenly think that cybersecurity services are beyond their means, which makes SMEs more vulnerable to an attack,” he said. “However, we are living in an age where cyberattacks are constantly evolving and threatening businesses of all sizes, but especially small to mid-size businesses. Therefore, it remains critical for companies to understand this present age and develop strong risk-mitigation strategies to lessen the impact of cyber threats.”

Source link: Insurance Business America

Tags:  Cyber Security  Insurance Content  Insurance News  Weekly Industry News 

Share |
PermalinkComments (0)
 

Introducing Cyber 101 Classes: Learn about the 7 most common cyber risks

Posted By staff reporter, Tuesday, February 12, 2019

Cyber classes from PIA National

Cyber 101 is the newest educational resource created by PIA and The PIA Partnership to help educate PIA members and their clients about the seven most common cyber risks.

 

Learn about

Fraudulent funds transfer

Extortion/ransomware

Social engineering

Business interruption

Data breach/privacy

Network security

Website media liability


 

Q:  Do I have to be a PIA member to participate in the Cyber 101 courses?

A:  Yes.  However, you can also be a Non-PIA members appointed by Partnership companies. 

To learn which companies are Partnership companies, visit our partner page.

 

Q: What's in it for you?

A:  Become a subject matter expert on Cyber coverage. Producers and CSRs using the Cyber 101 resources will become confident in their abilities to thoughtfully talk about cyber risks and coverage.

 

Q:  How often are Cyber 101 webinars?

A:  Each month, Cyber 101 will introduce new resources on one of these topics:

  • fraudulent funds transfer
  • extortion/ransomware
  • social engineering
  • business interruption
  • data breach/privacy
  • network security .
  • website media liability

 

These topic-specific resources will include:

  1.  interactive claims examples
  2. 1-page PDFs explaining the risk
  3. 30-minute webinars

 

PIA agents can also personalize and provide their clients with general cyber educational resources. All webinars will be recorded and made available on the Cyber 101 website

 

Q:  How do I access Cyber 101? 

 

  • PIA Members

Login here to access Cyber 101

 

  • PIA Non-PIA members

Click here to access Cyber 101

 

  • Other agents

Click here to become a PIA member

 

 

 

Helpful Downloads

Download me!

Download me!


For additional information about The PIA Partnership

 www.ThePIAPartnership.com.

Tags:  cyber 101  cyber education  Cyber risks  cyber security 

Share |
PermalinkComments (0)
 

Cyber Attacks — Consumers Want More from Insurance

Posted By staff reporter, Tuesday, February 12, 2019

Consumers want more insurance help with their cyber woes, and potential cyber woes. The why is easy. From automobiles to interconnected homes, just about every aspect of people’s lives are impacted by technology, and that technology is a sieve and easy for hackers to access.

Take automobiles for example. Asaf Ashkenazi of the software company Inside Secure said hackers can use connectivity to access private information and can even use it to steal the car. “The worst-case scenario is that they can completely take over and control anything in your car, from the brakes to the steering wheel,” he said. “The scariest scenario is that you're driving and they make your car crash.”

Then there’s the loss of personal records. The Identity Theft Resource Center’s 2018 End of Year Data Breach Report said 447 million consumers had their personal records compromised last year. That is a 126% increase from 2017.

What’s ironic is the total number of data breaches in 2018 fell by 23%.

Paul Robinson of GreyCastle Security said, “It’s very difficult now to avoid these attacks, even if you're taking the precautionary measures, such as managing your bank account and things of that nature. Now please do that, don't neglect watching your accounts and keeping an eye on your medical records, but the horse has left the barn per se.”

Assurant’s new study, The Connected Now says the connected lifestyle isn’t connecting with everybody. This is where insurance might be helpful. More on that in a bit.

The risk management firm said like it or not, nearly 40% of consumers identify themselves as technophobes. They own an average of 1.3 connected products. These range from smartphones and computers to equipment to manage things in the home.

Those same people — or 78% of them — worry about ID theft and the compromising of their personal information. They point that worried finger at interconnectivity — connectivity they are not that happy with.

Yet, 69% do admit this technology makes their lives easier. 

This is where insurance has an opportunity to shine. Parks Associates — an Internet of Things marketing and consulting company — said its research finds that 40% to 50% of households with access to broadband Internet want additional insurance services.

Parks Associates said this applies to those who own their homes and those renting.

Of those interested, 35% want insurance services that are proactive and that communicate the potential risk of the smart devices in their homes. They want to be updated and warned ahead of time.

Parks Associates spokesman Brad Russell said the insurance they want will take care of the restoration of those services and repair their home after the damage occurs.

“A restoration service that repairs damage is the most appealing service among insured households, but there is strong interest in proactive services, which would be enabled by smart home devices and AI capabilities to detect and prevent risk situations,” he said.

And he noted that advances in technology now let the insured and the insurer connect and interact more easily than ever. “Connected devices are reshaping the way consumers think about many traditional services and how they interact with their service providers,” he added. “These trends in consumer expectations, combined with the wealth of data derived from IoT solutions, are opening significant market opportunities for the insurance industry.”

 

Source links: PropertyCasualty360.com, USA Today, WHEC-TV, Insurance Business America

Tags:  cyber breach  Cyber Security  insurance content  insurance news 

Share |
PermalinkComments (0)
 

Special Report: The Cyber Security Challenge

Posted By Staff reporter, Tuesday, February 5, 2019

A new report from Accenture is frightening. Another one from the Defense Department and the Pentagon is even more frightening than Accenture’s.

The Accenture report is titled Securing the Digital Economy: Reinventing the Internet for Trust. It found 75% of the CEOs think the only solution to the cyber challenges faced by all of us is cross-industry coordination.

Worse, Accenture believes in the next five-years companies worldwide will lose $5.2 trillion from cyber attacks.

  The highest risk is the high-tech industry with $753 billion at stake

  Life sciences has $642 billion at risk

  The automotive industry has $505 billion

“Internet security is lagging behind the sophistication of cybercriminals and is leading to an erosion of trust in the digital economy,” company spokesman Omar Abbosh said. “Strengthening internet security requires decisive — and, at times, unconventional — leadership by CEOs, not just CISOs.

To become a cyber-resilient enterprise, companies need to start by bringing CISOs’ expertise to the board, ensuring security is built-in from the initial design stage and that all business managers are held responsible for security and data privacy.”

 

Here’s more from the report:

 •  79% say the advancement of the digital economy will be stall or slow down if dramatic improvement in internet security is not made

  59% say the internet is growing increasingly unstable

  That same 59% say they are not sure how to respond to that instability

  56% say they would welcome stricter business regulations to fix the problem

 

 PIA Members can take Cyber 101 Webinars no charge

PIA Western Alliance Members can take our Cyber 101 Webinar Classes at no charge!

Click the banner to sign up, today!

In the U.S. the Defense Department — via spokesman Robert Behler — said it cannot adequately defend itself against cyber attacks. The Government Accountability Office (GAO) agrees. Spokeswoman Cristina Chaplain said the military has not been able to secure weapons systems that cost billions to build.

“DOD testers routinely found mission-critical vulnerabilities in systems under development, and in some cases, repeatedly over the years,” she said.

One of the problems with cyber security is the lack of cyber experts to do battle with the bad guys. In the U.S. between September of 2017 and August of 2018, there were 314,000 job postings. Even though most earn something like $95,000 a year on average, job openings stay open.

The National Initiative for Cyber Security Education says if all were filled that would pump up the number of pros battling cyber criminals by 40%. That’s a workforce of 714,000.

Worldwide, (ISC)2 says there are close to three million cyber security jobs open.

In addition to not being able to find experts, current polling says that 43% of organizations around the world fail to adequately do security training.

Worse, universities — 85% of them — have cyber security graduate or undergraduate degrees. However, their more diversified and attractive computer science programs do not offer even one cybersecurity course.

Business and government are continuing to explore options. One idea is a Cybersecurity Peace Corps. The proposal is the same idea as the original Peace Corps and will develop and train people to do cybersecurity jobs. It will require an act of Congress to establish.

Meanwhile, community colleges are now offering boot camps — of sorts — to train people in key skills. 

Whether all this training comes fast enough to avoid the trillions that will be lost in the future to cyber criminals is anybody’s guess. What we all can — however — agree upon is that there is a definite need for action.

 

Source link: Insurance Business America, PropertyCasualty360.com, Tech Crunch

Tags:  cyber breach  Cyber Insurance  Cyber security 

Share |
PermalinkComments (0)
 

Cyber Scams — Americans Lose $18 Billion in 2018

Posted By staff reporter, Tuesday, January 15, 2019

 

Scam artists used a variety of sophisticated schemes to separate Americans from their money in 2018. Those schemes resulted in the loss of a whopping $18 billion to consumers and individuals in the U.S. last year.

That information comes courtesy of Website Builder Expert (WBE). It is a website building and launching platform. WBE came to its conclusions from data produced by the FBI’s Internet Crime Report and from the Insurance Information Institute (I.I.I.).

WBE — as well as most of us — finds the the $18 billion lost shocking. It’s even more shocking when you consider the billions spent each year to combat cybercrime and make websites and other Internet sources safe.

Apparently — and obviously — those measures are not working all that well.

WBE used the statistics from the two reports that show individual complaints to determine which states are most vulnerable and which are the safest. Two PIA Western Alliance states — California and Washington — are on the list of the most vulnerable.

Vermont is the safest. California the least.

 

Here are the stats for the two PIA Western Alliance states in the top-15:

 

1. California

  2018 complaints — 55,774

  Average growth per year in reported crimes — +515

  Average cost per incident — $5,900

 

15. Washington

  2018 complaints — 9,011

  Average growth per year in reported cybercrime — +351

  Average cost per reported incident — $3,572

 

Ironically, WBE says California — unfortunately — will likely have more cyber complaints in 2019 than the bottom 27 states

 

Here’s the list of the 15 most vulnerable states:

1. California

2. Florida

3. Texas

4. Michigan

5. New York

6. Illinois

7. Pennsylvania

8. Georgia

9. Ohio

10. New Jersey

11. North Carolina

12. Virginia

13. Missouri

14. Maryland

15. Washington

The cybersecurity firm McAfee released a report late last year that says cybercriminals are putting out 480 new threats per minute. That frightening statistic comes from

McAfee Labs Threats Report: December 2018.

McAfee’s lead scientist Christiaan Beek said malware attacks were up 73% in the third quarter of 2018.

“Cybercriminals are eager to weaponize vulnerabilities both new and old, and the number of services now available on underground markets has dramatically increased their effectiveness,” he said. “As long as ransoms are paid and relatively easy attacks, such as phishing campaigns, are successful, bad actors will continue to use these techniques.”

 

Source links: PropertyCasualty360.com, Venture Beat

Tags:  cyber scams  cyber security 

Share |
PermalinkComments (0)
 

Get your Super Cyber Education On! with the PIA

Posted By Staff Reporter, Tuesday, December 18, 2018

 

Myth: Hackers and cyber criminals generally target large businesses because that is where they profit most.

Fact:  62 percent of cyber-attacks target small-and mid-sized businesses

 

PIA Members

Get your Cyber 101 On!

Learn what you need to know to keep your business clients safe in an uncertain world. 

PIA created the Cyber 101 education series to help educate agents and their clients about the most common cyber risks faced by small and mid-sized businesses as well as the business practices and insurance coverages that can reduce those risks.

 

HOW TO ACCESS CYBER 101

 

Non-PIA members appointed by Partnership companies: Click here to access Cyber 101.

 

Other agents: To access Cyber 101, you will need to become a PIA member. Learn more about PIA membership and join today!

Tags:  Cyber 101 classes  Cyber Security  pia western alliance 

Share |
PermalinkComments (0)
 

Cyber Threats — Small Business Still Not Prepared

Posted By Staff Reporter, Monday, November 19, 2018


It’s been a year since the WannaCry ransomware struck. In a four-day period it attacked 300,000 computers, and cost businesses and individuals billions of dollars.

Gad Naveh of Check Point's Threat Intelligence and Research & Development team did some research on what’s happened in the past year. Since then hackers have created offshoots of the ransomware and they are creating more chaos. His research also points out that — in spite of the continuing threat — businesses still aren’t prepared.

  77% of chief information security officers (CISO) say they are not equipped to handle these attacks

  Staffing challenges are a problem

  Security technology conflicting with business operation is another

  Just 3% of businesses have the protection needed to repel an attack

  79% are using security solutions from generations two and three

By the way, Naveh points out that we are now up to generation five — Gen V — of this kind of ransomware. The genesis of ransomware is pre-2000.

He is very critical of nations and businesses and says it’s time for the U.S. and other nations to put an end to this problem. He writes, “It does not really matter who launches an attack or why — countries and global business communities simply need to defend themselves better — because the large-scale, multi-vector nature of these attacks are several generations beyond the average enterprise’s security capabilities.

The reality is we’re spending trillions globally on military defense technologies, but investing only a fraction of that on defending businesses and infrastructure against cyber attacks.”

He suggests going back to the basics to start:

  Segment networks to quarantine attacks

  Segmentation stops them from propagating

  Deploy advanced, real-time threat prevention

  This stops attacks before they get a foothold on a network or networks

  Do this across all environments:

  Networks

  Cloud

  Mobile

He also notes we need to get past petty differences and work together — large businesses and small. “Because cyber attacks have become the modern weapon of choice for crippling critical infrastructure, we must work together as a global cybe security community to not only protect individual organizations but also to create a shared vision around protecting cities, nations, and the citizens within them. Without a concerted, collaborative effort, we can expect nations, communities, and our most trusted companies to continue to be woefully unprotected against the next mega cyber attack,” he said.

Another report comes to similar conclusions. Datto is a cyber security and data backup company. It recently released its third annual Global State of the Channel Ransomware Report.

The report says ransom ware is the leading cyber attack experience by small to medium-sized businesses (SMB). Ransomware tops viruses and spyware as the biggest threat to their firms.

  55% of managed service providers (MSP) said their clients experienced a ransomware attack in the first six-months of this year

  35% said their clients were attacked many times

  Some said they were attacked multiple times during a day

  92% of MSPs predict the number of attacks will continue at this rate or a higher rate

 

In the report, the MSPs said their clients have anti-virus software but it’s not enough.

  85% report ransomware protection is installed

  65% say email and spam filters are installed

  29% say their clients have pop-up blockers

 

All failed to block the ransomware attacks.

As we know, downtime for a small business leads to lost revenue. If the downtime is long enough, a small business can fail. The report says, the downtime and cost of the attack in other areas is 10-times what it costs to pay the ransom.

  The average cost per business is $46,800

  The average ransom is $4,300 per attack

 

James Bergl is is a director at Datto APAC. He said most businesses don’t report these attacks and just one in four get reported to authorities.

By the way, if you’re an Apple user and think you’re safe, Bergl said Apple operating systems are becoming increasingly vulnerable. In the report, five times as many MSPs reported ransomware attacks on the macOS and iOS platforms from last year to this.

He said the worst attacks are happening in Asia.

The report said the best protection against a ransomware attack is employee training. Education and training are highly recommended. And it is suggested that the training be ongoing and in areas where ransomware attacks are must likely to occur:

  Phishing attacks

  Malicious websites

  Web ads

  Clickbait directed toward a business

 

Source links: The Next Web, Security Asia

Tags:  cyber attacks  Cyber security  cyber threats  insurance content 

Share |
PermalinkComments (0)
 

Not Doing Cyber Security Could Violate Federal Law

Posted By Staff Reporter, Tuesday, October 23, 2018


The U.S. Securities and Exchange Commission (SEC) has spoken. It says companies that fail to do proper cyber security for its data could be breaking federal law. The idea of law breaking came about in a report that investigated nine unidentified companies who’ve suffered cyber attacks. It wonders if they had the proper internal accounting protection controls in place.

Those systems are required by law.

The investigation focused on business email compromises. This is a way cyber criminals get access to bank accounts and other information. They pose as company executives and other employees to get information sent to them. Scams like this — says the FBI — have netted these businesses $5 billion in losses since 2013.

Stephanie Avakian is the co-director of the SEC Enforcement Division. She said these scams aren’t that sophisticated. They rely upon human inattention to succeed.

 

“We did not charge the nine companies we investigated, but our report emphasizes that all public companies have obligations to maintain sufficient internal accounting controls and should consider cyber threats when fulfilling those obligations,” she said.

 

The warning from the investigation is clear. Regulators, Congress and consumer groups are watching, and are growing more and more focused on requiring companies to do all they can to keep data secure.

By the way, those regulating regulators ought to also pay attention. On October 4th the Pentagon said the system it uses to maintain travel records was hacked. The Department of Defense said 30,000 records were accessed.

As an FYI, the department says it does not administrate those records. That has been outsourced to a third party contractor. It also says the 30,000 records isn’t all that many when you consider the Department of Defense is the nation’s largest employer.

It has 1.3 million enlisted men and 742,000 civilians work for the department.

Source links: Reuters, Insurance Journal, Forbes

Tags:  cyber security  federal law  insurance content  insurance industry  US securities and exchange commission 

Share |
PermalinkComments (0)
 

News on the Cyber Front — Still Not Pretty

Posted By Joey Leffel, Tuesday, August 28, 2018

 

In a new report, A.M. Best and Guidewire’s Cyence Risk Analytics is worried about cyber insurance and cyber insurers. In a new report, the two companies said three of the top-20 cyber insurance providers could face “meaningful to significant gross losses” from a single-event cyber catastrophe.

In the special report Cyber Insurance Market: Stress Testing the Future, Fred Eslami said when looking at the estimated policyholder surplus in 2022, those losses could hit 15% to 119%.

“For the majority of these companies, even the gross losses do not come close to the natural catastrophe probable maximum loss estimates used for stressing the balance sheet strength of the companies,” he said. “However, under these circumstances, a handful of companies could lose a significant amount of surplus, which potentially could create ratings pressure or even trigger a downgrade.”

The report looks at two scenarios:

  Several cloud-based servers fail and widespread service and business interruptions follow

  A common software application gets compromised leading to a global attack

In another report, Gallagher said healthcare providers are the most vulnerable to hacking attacks. They happen regularly and leave the data of hundreds of thousands of people at the mercy of the cyber hackers.

Bloomberg said the average breach of a healthcare system costs more than $400 per patient. The news organization also found that just 33% of healthcare departments have defenses set up for a breach.

Gallagher’s white paper on the subject said there are six things these organizations can do to improve their security:

  Anti-virus and malware prevention

  Firewalls

  Patching

  Encryption

  PCI DDS compliance

  Employee awareness and training

Gallagher’s Adam Cottini said the first and most important thing these organizations need to do is comply with HIPPA regulations and standards that say individual medical data must be protected.

“The HIPPA regulation has been around for a long while and the healthcare industry is tuned into the privacy requirements. Where the challenge comes is with the advancement of technology and how new technology exacerbates the vulnerabilities in the healthcare space relative to protecting and securing information,” Cottini said.

Once the privacy requirements are in place then cyber security priorities must be addressed. “Cyber security doesn’t seem to rise to the same level of priority as other areas of security, but the statistics clearly show that phishing and social engineering is a major driver of a lot of the cyber events that are happening these days, which is why we believe organizations have to continuously drive down on employee training and awareness,” Cottini noted.

The point of Gallagher’s white paper is to raise awareness.

NAS Insurance agrees with some of Gallagher’s conclusions. In its 2018 Cyber Claims Digest, NAS suggests negligent employees and third-party service providers are a common thread when it comes to cyber attacks upon healthcare providers.

Jeremy Barnett of NAS said the most common form of attack to these organizations from this carelessness is ransomeware. “The methods used for ransomware attacks are becoming more sophisticated. Spam email remains a tried and true method: one in six spam email messages comes bundled with ransomware. However, in 2017, criminals also tended to target specific companies,” he said.

From there things get worse.

“Between 2016 and 2017, there was a 152% increase in ransomware as a cause of loss for healthcare cyber claims,” Barnett noted. “The threat is typically to divulge or destroy information, to insert malicious code into a computer system or to damage, destroy or prevent access to a computer system. The monetary demand varies in both amount and the currency: the demand might seek payment in American dollars, a foreign currency or a cryptocurrency.”

While healthcare providers are lagging behind, data analyst FICO said other industries are catching up and those with cyber insurance rose between 2016 and 2017. From 2017 to 2018 those with no cyber security insurance at all fell from 50% to 24%. However, 32% of the nation’s larger companies have adequate cyber insurance.

Many of those are in healthcare.

FICO VP for cyber security solutions Doug Clare said, “Given the number of large-scale and very public breaches in recent years, it’s not surprising that we’ve seen a big increase in US organizations investing in it over the past 12 months, but there’s still some way to go. As the insurance market matures and the litigation and fines increase we expect more firms will also go beyond basic coverage to seek insurance that is more comprehensive.”

And back to healthcare companies. The FICO survey found 70% of them do not have cybersecurity insurance. Just 10% of financial service firms do not have cyber insurance.

Source links: Insurance Business America — link 1, link 2, link 3, Carrier Management

Tags:  cyber breach  cyber insurance  Cyber Security  PIA Cyber Insurance 

Share |
PermalinkComments (0)
 
Page 1 of 10
1  |  2  |  3  |  4  |  5  |  6  >   >>   >| 

A special thank you to our KKlub Members for their support.