Operations

6/13/2016
12:50 PM
Sean Martin
Sean Martin
Slideshows
Connect Directly
LinkedIn
RSS
E-Mail
50%
50%

12 Tips for Securing Cyber Insurance Coverage

As cyber insurance grows more available and popular it is also becoming increasingly complex and confusing. Our slideshow offers guidelines on how to get insurance, get decent coverage, and avoid limitations in coverage.
Previous
1 of 13
Next

Image Source: imsmartin/Mimecast

Image Source: imsmartin/Mimecast

Cyber Liability Insurance, or cyber insurance, can help protect your organization from the financial ramifications of a successful attack on your data systems, which might include the theft of customer data from your servers. There’s still a lot of confusion around what’s required to get coverage, what it takes to get good rates, and what it takes to ensure a claim will be paid. Some might question whether or not a claim will even be paid given some policies may not be up to snuff when it comes to covering some events such as email attacks.

It’s possible that all of this confusion is introducing some risk to both sides of the bargaining table – insurer and insured. The good news is that the focus on risk is good for all, as it is forcing organizations to look at their risk in light of their use of technology and tech-connected partnerships, thereby raising the cybersecurity posture across the board.

Note: imsmartin would like to thank Thomas Conway, Principal, Ernst & Young LLP, William Dixon vice president, Stroz Friedberg, Howard Miller of LBW Insurance’s Tech Secure division, and Mimecast for their research.

 

Sean Martin is an information security veteran of nearly 25 years and a four-term CISSP with articles published globally covering security management, cloud computing, enterprise mobility, governance, risk, and compliance—with a focus on specialized industries such as ... View Full Bio

Previous
1 of 13
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
roxychan
50%
50%
roxychan,
User Rank: Apprentice
4/10/2017 | 10:31:28 AM
192.168.1.1
Thanks for the help.
Shantaram
50%
50%
Shantaram,
User Rank: Ninja
3/16/2017 | 6:49:06 AM
Re: 192.168.0.1
nice tips, thanks
Pascal_Millaire
50%
50%
Pascal_Millaire,
User Rank: Author
3/15/2017 | 9:18:55 AM
Cyber insurance tips
All pertinent points. On the regulatory fines issue, it is also important to note that policy language may state that regulatory fines are payable "where permissible by law" however in some cases your jurisdiction may not allow for the payment, which renders the coverage moot.
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Mozilla, Internet Society and Others Pressure Retailers to Demand Secure IoT Products
Curtis Franklin Jr., Senior Editor at Dark Reading,  2/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7629
PUBLISHED: 2019-02-18
Stack-based buffer overflow in the strip_vt102_codes function in TinTin++ 2.01.6 and WinTin++ 2.01.6 allows remote attackers to execute arbitrary code by sending a long message to the client.
CVE-2019-8919
PUBLISHED: 2019-02-18
The seadroid (aka Seafile Android Client) application through 2.2.13 for Android always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.
CVE-2019-8917
PUBLISHED: 2019-02-18
SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote code execution vulnerability in the OrionModuleEngine service. This service establishes a NetTcpBinding endpoint that allows remote, unauthenticated clients to connect and call publicly exposed methods. The InvokeActionMethod method may b...
CVE-2019-8908
PUBLISHED: 2019-02-18
An issue was discovered in WTCMS 1.0. It allows remote attackers to execute arbitrary PHP code by going to the "Setting -> Mailbox configuration -> Registration email template" screen, and uploading an image file, as demonstrated by a .php filename and the "Content-Type: image/g...
CVE-2019-8909
PUBLISHED: 2019-02-18
An issue was discovered in WTCMS 1.0. It allows remote attackers to cause a denial of service (resource consumption) via crafted dimensions for the verification code image.