Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

4/20/2012
02:56 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

10 Things To Consider Before Purchasing Cyber Insurance

ID Experts has created a free checklist to help guide companies

PORTLAND, Ore. - April 19, 2012 - A company's most valuable asset is information, often referred to as "big data" that can include consumers' financial information, patient diagnoses, transaction records of online purchases or scientific data. In fact, 2.5 quintillion bytes of data are generated every day, according to IBM. Threats-hacking, outsourcing, cloud resources, and mobile devices-are raising the legal, financial, reputational, and regulatory stakes for companies and organizations. To manage these threats, companies are turning to cyber insurance as part of their overall risk management strategy. But because cyber insurance policies are different than traditional insurance policies, ID Experts has created a free checklist to help guide companies with this important decision: 10 Things to Consider Before Purchasing Cyber Insurance, http://www2.idexpertscorp.com/resources/general- resources/tools1/10-things-to-consider-before-purchasing-cyber-insurance/

Click to Tweet: 10 Things to Consider Before Purchasing Cyber Insurance http://bit.ly/H6IywU via @IDExperts

"Along with robust privacy and security programs, cyber insurance can be an effective way to offset data breach risks," said Jeremy Henley, insurance solutions manager at ID Experts. "It makes good sense to first carefully evaluate data breach risks, identify vulnerabilities, and then shop wisely for a policy that meets the organization's needs."

Evaluating Cyber Insurance Cyber insurance policies typically cover an organization's data that is stored both online and offline. These policies are designed to help offset expenses that may arise from a data breach event, including forensics investigations, notification letters and call centers, credit monitoring, legal fees, public relations activities, regulatory and legal fines and penalties, and liability. However, there are often limits on coverage and choice. Some cyber policies may restrict the way an organization responds to a data breach. For example, in the event of a healthcare data breach, the policy may only cover credit monitoring services, when in fact a patient needs medical identity monitoring. Or coverage may not extend to a data breach caused by a third party, such as a cloud computing service provider, even though the primary organization is liable.

Before deciding on a particular policy, companies must carefully evaluate their options. ID Experts recommends companies: -Understand their current insurance coverage -Assess the risks for a data breach and potential exposure of sensitive data -Take advantage of value-added services offered by an insurer -Avoid common pitfalls with an insurance carrier

For a complete list of tips, visit 10 Things to Consider Before Purchasing Cyber Insurance, http://www2.idexpertscorp.com/resources/general- resources/tools1/10-things-to-consider-before-purchasing-cyber-insurance/

About ID Experts ID Experts is the leader in comprehensive data breach solutions that deliver the most positive outcomes. The company has managed hundreds of data breach incidents, protecting millions of affected individuals, for leading healthcare organizations, corporations, financial institutions, universities and government agencies. In healthcare, the company contributes to relevant legislation and rules including HITECH and is a corporate member of HIMSS. ID Experts' data breach preparedness and response services have been endorsed by the American Hospital Association. ID Experts is active with organizations that advocate for privacy for Americans including ANSI/Identity Theft Prevention, Identity Management Standards Panel and the International Association of Privacy Professionals. For more information, visit http://www2.idexpertscorp.com/; join in the All Things HITECH discussion via LinkedIn at bit.ly/AllThingsHITECH; and follow ID Experts on Twitter @IDExperts.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7856
PUBLISHED: 2021-04-20
A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient authentication validation.
CVE-2021-28793
PUBLISHED: 2021-04-20
vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute arbitrary binaries via crafted workspace configuration.
CVE-2021-25679
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone Manager software is vulnerable to an authenticated stored cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed....
CVE-2021-25680
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** The AdTran Personal Phone Manager software is vulnerable to multiple reflected cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only...
CVE-2021-25681
PUBLISHED: 2021-04-20
** UNSUPPORTED WHEN ASSIGNED ** AdTran Personal Phone Manager 10.8.1 software is vulnerable to an issue that allows for exfiltration of data over DNS. This could allow for exposed AdTran Personal Phone Manager web servers to be used as DNS redirectors to tunnel arbitrary data over DNS. NOTE: The aff...