Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Incident Readiness and Building Response Playbook
In this special report, learn the Xs and Os of any good security incident readiness and response playbook.
Tweet This
1 Comments
User Rank: Moderator
6/20/2017 | 1:12:18 PM
Second, the examples of social engineering, phishing and the lack of coverage should fall more on the insurance agent or broker that placed the coverage. While this coverage may not have been available in January of 2016 (Krebs Article), September of 2015 (BitPay), June of 2016 (PF Changs), and August of 2013 (Schnucks) they are currently available in the marketplace and have been for quite some time. This coverage is readily available from several insurance companies on a cyber liability insurance policy for most industries although the insurance agent may have to request the coverage to specifically be added. The truth is that a correctly written cyber liability insurance policy can respond to everything that was mentioned in the 10 bullet points outlined in the article. Also, many carriers are writing comprehensive policies that will cover everything with a minimum premium of $1,000 (less for some industries) with a deductible of $1,000 to start. This can include the cyber-crime coverage needed in two of the examples (Krebs & BitPay) linked to in the article.
I definitely agree that a company contemplating purchasing a policy should read the fine print; however, the first step should be finding an insurance agent or broker that understands the coverage. A cyber liability insurance policy should complement the risk management measures in place with the mindset of viewing the policy as a service. Many carriers will provide risk management services to a policyholder before and after an event with the goal of making their policyholder more secure.