Security News

Beginning in Autumn 2024, existing photo-less national health insurance cards will no longer be accepted, officially replaced by My Number Cards. There's only one problem: Japan residents seem reluctant to adopt them, with an online petition to keep current health cards quickly gathering 100,000 signatures.

Luckily, there's a new eBook dedicated to helping small security teams better understand cyber insurance policies and how they may impact an organization's cybersecurity measures. Organizations with even the smallest cybersecurity teams are now looking at cyber insurance to protect their businesses from cyber-attacks.

The data snafu dates back to 2020, and, according to EyeMed, it's likely the result of one of its people falling for a phish. The investigation later revealed that the intrusion ran from around June 24 to July 1, 2020, during which time miscreants read and stole emails and attachments containing consumers' non-public health information, including data concerning minors, that date back six years prior to the cyberattack.

In the world of insurance providers and policies, cyber insurance is a fairly new field. And many security teams are trying to wrap their heads around it. What is it and do they need it? And with...

Health insurance provider Medibank has confirmed that a ransomware attack is responsible for last week's cyberattack and disruption of online services.Medibank Private Limited is one of Australia's largest private health insurance providers, covering over 3.7 million people and having 4,000 employees.

As cyber threats grew, so did the appetite for risk transfer, with the US Government Accountability Office noting a dramatic increase in the proportion of insurance clients taking out cyber insurance policies. The change in infrastructure and access methods created yet more layers of security risk, making cyber risk transfer even more problematic for underwriters.

Cyber insurance is quickly becoming an unavoidable part of doing business as more organizations accept the inevitability of cyber risk. While other potential disruptions benefit from stable insurance providers with decades or even centuries of practice behind them, cyber insurance is a nascent field that has proven hard to get a handle on.

Lloyd's of London insurance policies will stop covering losses from certain nation-state cyber attacks and those that happen during wars, beginning in seven months' time. Because of this, all standalone cyber attack policies must include "a suitable clause excluding liability for losses arising from any state-backed cyberattack," Chaudhry wrote.

The number of organizations that will be either unable to afford cyber insurance, be declined cover, or experience significant coverage limitations is set to double in 2023, according to Huntsman Security. This Help Net Security video uncovers why so many organizations are losing cyber insurance as an important risk management tool.

A Minnesota computer store suing its crime insurance provider has had its case dismissed, with the courts saying it was a clear instance of social engineering, a crime for which the insurer was only liable to cover a fraction of total losses. Travelers, which filed a motion to dismiss, said SJ's policy clearly delineated between computer fraud and social engineering fraud.