Operations

6/13/2016
12:50 PM
Sean Martin
Sean Martin
Slideshows
Connect Directly
LinkedIn
RSS
E-Mail
50%
50%

12 Tips for Securing Cyber Insurance Coverage

As cyber insurance grows more available and popular it is also becoming increasingly complex and confusing. Our slideshow offers guidelines on how to get insurance, get decent coverage, and avoid limitations in coverage.
Previous
1 of 13
Next

Image Source: imsmartin/Mimecast

Image Source: imsmartin/Mimecast

Cyber Liability Insurance, or cyber insurance, can help protect your organization from the financial ramifications of a successful attack on your data systems, which might include the theft of customer data from your servers. There’s still a lot of confusion around what’s required to get coverage, what it takes to get good rates, and what it takes to ensure a claim will be paid. Some might question whether or not a claim will even be paid given some policies may not be up to snuff when it comes to covering some events such as email attacks.

It’s possible that all of this confusion is introducing some risk to both sides of the bargaining table – insurer and insured. The good news is that the focus on risk is good for all, as it is forcing organizations to look at their risk in light of their use of technology and tech-connected partnerships, thereby raising the cybersecurity posture across the board.

Note: imsmartin would like to thank Thomas Conway, Principal, Ernst & Young LLP, William Dixon vice president, Stroz Friedberg, Howard Miller of LBW Insurance’s Tech Secure division, and Mimecast for their research.

 

Sean Martin is an information security veteran of nearly 25 years and a four-term CISSP with articles published globally covering security management, cloud computing, enterprise mobility, governance, risk, and compliance—with a focus on specialized industries such as ... View Full Bio

Previous
1 of 13
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
roxychan
50%
50%
roxychan,
User Rank: Apprentice
4/10/2017 | 10:31:28 AM
192.168.1.1
Thanks for the help.
Shantaram
50%
50%
Shantaram,
User Rank: Ninja
3/16/2017 | 6:49:06 AM
Re: 192.168.0.1
nice tips, thanks
Pascal_Millaire
50%
50%
Pascal_Millaire,
User Rank: Author
3/15/2017 | 9:18:55 AM
Cyber insurance tips
All pertinent points. On the regulatory fines issue, it is also important to note that policy language may state that regulatory fines are payable "where permissible by law" however in some cases your jurisdiction may not allow for the payment, which renders the coverage moot.
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
Making the Case for a Cybersecurity Moon Shot
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  2/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8980
PUBLISHED: 2019-02-21
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.
CVE-2019-8979
PUBLISHED: 2019-02-21
Koseven through 3.3.9, and Kohana through 3.3.6, has SQL Injection when the order_by() parameter can be controlled.
CVE-2013-7469
PUBLISHED: 2019-02-21
Seafile through 6.2.11 always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.
CVE-2018-20146
PUBLISHED: 2019-02-21
An issue was discovered in Liquidware ProfileUnity before 6.8.0 with Liquidware FlexApp before 6.8.0. A local user could obtain administrator rights, as demonstrated by use of PowerShell.
CVE-2019-5727
PUBLISHED: 2019-02-21
Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9, 6.3.x before 6.3.12, 6.2.x before 6.2.14, 6.1.x before 6.1.14, and 6.0.x before 6.0.15 and Splunk Light before 6.6.0 has Persistent XSS, aka SPL-138827.