Resources
Cyber Hygiene: Checklist
Before underwriting or renewing cyber coverage, insurers are taking a deep look at each organization’s cyber practices. To qualify for coverage — and particularly, if you want the best rates and terms — you need the following resources and procedures in place.Cyber - Private Equity's New Priority
Private equity firms need to consider the cybersecurity of their firm and their portfolio as a top priority.Blog Posts
Cyber
2
min read
Cybersecurity Essentials for Remote Work Success
Anyone with access to sensitive financial and personal information is a potential target for cybercrime. This reality requires employers to emphasize the importance of cyber safety in remote work. Is your organization using best practices to secure ...
Cyber
2
min read
DOJ’s Corporate Whistleblower Awards Pilot: Compliance & Risk Impact
In August 2024, the U.S. Department of Justice (DOJ) launched its Corporate Whistleblower Awards Pilot Program to enhance corporate accountability. This program represents a shift from traditional securities law enforcement by the Securities and ...
Cyber
2
min read
Cybersecurity Risks in Hospitality
For many hospitality businesses, tech isn’t a strength and cybercriminals know it. While you’re busy creating great customer experiences, bad actors are looking for entry points to nab credit card data and gain access to your financial accounts. ...
Cyber
2
min read
Combating Surging Ransomware Attacks: Strategies for Universities and Colleges
Universities and colleges are increasingly under siege by ransomware. In 2023 alone, ransomware attacks on higher education institutions surged by 70%, with 66% of universities falling victim to these cyber assaults.
Cyber
2
min read
Cyber Resilience Lessons from the CrowdStrike Outage
Editor's Note: This article originally appeared in Carrier Management. Reprinted with permission, this piece contains helpful tips for all organizations that rely on third-party software and firmware updates in their day-to-day operations.
Cyber
2
min read
Strengthening Cybersecurity in Car Dealerships: Lessons from the CDK Global Hack
The recent cyberattack on CDK Global, which affected thousands of car dealerships nationwide, underscored significant vulnerabilities within industries in which a single vendor hack can disrupt entire swaths of the market, such as healthcare and ...
Cyber
2
min read
Building a Human Firewall: Strengthening Your Cybersecurity Defenses
Cyber threats are escalating. Reports from IBM show that cyberattacks using stolen or compromised credentials surged by 71%, year-over-year in 2023, and 32% of cyber incidents involve data theft and leaks. This indicates a shift towards stealing and ...
Cyber
2
min read
The Christie’s Auction House Hack and You
The ongoing hack of Christie’s auction house immediately ahead of a planned $840M art sale is an abject lesson in the realities of risk in today’s internet-connected and dependent business world.
Cyber
2
min read
Protecting Your Business from Deepfake Threats
Deepfake technology blurs the line between reality and fabrication. While sometimes used for entertainment purposes or as a novelty, deepfakes can be a dangerous tool for cybercriminals, enabling scams, blackmail, and misinformation. Learn more ...
Cyber
2
min read
Change Healthcare Cyber Attack: Cybersecurity Lessons Learned
Change Healthcare's recent cyber attack sparked a crucial discussion on cybersecurity, business continuity, and contingent liability insurance within the healthcare sector. Cyber attacks in healthcare have been increasing in severity, with ...
Cyber
2
min read
Understanding the 23andMe Data Breach and Ensuring Cybersecurity
Companies like 23andMe have revolutionized accessibility to genetic information, promising personalized insights into health. However, with innovation comes notoriety and vulnerability, as highlighted by the recent data breach at 23andMe. This ...
Cyber
2
min read
Don’t Take the Bait: How to Protect Against Phishing Scams
When it comes to cyberattacks, companies of all sizes are only as strong as their weakest link. All it takes is one employee to mistakenly click on a link, and instantly a hacker can gain access to the firm’s network and all they hold dear.
Cyber
2
min read
Understanding the MGM and Caesars Cyberattacks: Lessons Learned
Many of today’s increasingly devastating high-profile “cyberattacks” can actually be attributed to human error. The recent attacks on Caesars Entertainment and MGM Resorts stand as stark examples of this. Caesars reportedly paid a $15 million ransom ...
Cyber
2
min read
AI Might Strengthen Your Cybersecurity Program
Artificial intelligence (AI) is rapidly transforming many industries. It’s already being used to improve cybersecurity and will likely have a major impact on cyber insurance coverage in the coming years.
Cyber
2
min read
Do You Know How to Spot a BEC Phishing Attack?
0nly dumb people fall for email phishing attacks, right? 0f course, everyone thinks they’re immune. 0nly a tech neophyte would fail to pick up on a sketchy note – especially from a familiar source.
Cyber
2
min read
SEC Cybersecurity Rules: Are You Prepared?
Last month, the U.S. Securities and Exchange Commission (SEC) released updated requirements for reporting cybersecurity incidents. These regulations mandate that all publicly traded companies disclose “material” cyber events within four days of ...
Cyber
2
min read
How Small Businesses Can Avoid Cyberattacks
Editor's Note: This cybersecurity article originally appeared in the Q3-2023 issue of Premier Flooring Retailer, a trade magazine published by the World Floor Covering Association. Reprinted with permission, this piece contains helpful tips for all ...
Cyber
2
min read
Ransomware Part II — Ignore Ransom Demands
As discussed in Part I, How to Avoid a Ransomware Payment, insurers strongly discourage paying criminals. Meeting a ransom demand rarely brings relief for the victim, and it emboldens bad actors to continue this type of attack. If ransomware has ...
Cyber
2
min read
Cyber Insurance and Social Engineering Attacks
Criminals often use “social engineering” to groom victims and deceive them into transferring funds or sensitive data. If employees don’t recognize the hallmarks of a social engineering scam, they can easily expose your organization to substantial ...
Cyber
2
min read
The Growing Need for Personal Cyber Insurance
Imagine this scenario: You wake up one day to find that your home network has been hacked. Personal photos, banking credentials, and other sensitive data are all compromised before you even have the chance to think or respond. And even worse, the ...
Cyber
2
min read
Don’t Buy a Cyber Policy
The headline of this article probably strikes you as out of touch with the current state of the cyber marketplace. Both the frequency and severity of cyber-related claims are multiplying. Also, ransomware claims continue to escalate, and it’s ...
Cyber
2
min read
How to Avoid a Ransomware Payment – Part I
There is no getting around it; ransomware is here to stay. Ransomware is a type of malware (malicious software) that can be designed in many harmful forms. Cyber crooks use it to block and lock users from their computers and files until a ransom is ...
Cyber
2
min read
Pixel Tracking: Avoiding HIPAA Violations
Capturing customer data is a popular practice, with websites using the information to generate revenue or conduct market research. One method of data capture known as “pixel tracking” involves collecting and tracking user information from web pages ...
Cyber
2
min read
The Five Things You Need to Prepare for Cyber Renewals
An insurance renewal is a great moment for assessment – what you’re doing well as an organization, things that are accelerating growth, coverage that is protecting your business, and areas where you may be lacking. This is especially true in the ...
Cyber
2
min read
5 Tips for Managing Cyber Costs in 2023
Your organization’s cyber maturity is a primary factor in determining insurability, coverage amounts, and pricing. A cyber-aware workforce and multi-factor authentication have become table stakes. Without these safeguards, your likelihood of getting ...
Cyber
2
min read
Heightened Cyber Risk Amid Bank Failures
The recent bank failures may trigger additional cyber risks and threats to businesses, particularly if you need to transition to new banking partners. Please be aware of the heightened risk of cyber bad actors using social engineering techniques and ...
Cyber
2
min read
How Social Engineering Attacks Present Unique Risks for Health Care
Social engineering scams have become more common and more costly—especially for health care organizations. These scams can result in significant financial and reputational loss, especially when an attack leads to a data breach. Digital ...
Cyber
2
min read
Alert: Coordinated Ransomware Attacks Targeting Hospitals
Cyber threats are looming over the health care industry even as the Coronavirus pandemic is resurging. As noted in this Reuters News story, “Eastern European criminals are targeting dozens of U.S. hospitals with ransomware, and federal officials on ...
Cyber
2
min read
Portfolio Approach, Stronger Controls Stabilize Cyber Market
While the cyber market still has its challenges, there are currently greater signs of stability than at any point in the last 24 months. This positive trend has been driven by several key factors, including important lessons learned from what has ...
Cyber
2
min read
Focus on Systemic Risk Assessment for Increased Cyber Protection
With the ever-growing threat of bad cyber actors disrupting critical processes, a systemic risk assessment of potential cyber vulnerabilities is more important than ever. From an insurer's perspective, the benefits of establishing best practices for ...
Cyber
2
min read
Threats and Optimism Grow in the Volatile Cyber Market
Cyber insurance has undergone continuous change over the past decade and evolved into one of the most complex and important coverages an organization can have in their toolbox. The cyber insurance market is challenging and volatile, however, with ...
Cyber
2
min read
Viewing Cyber Risks Through the Lens of Critical Health Care Infrastructure
An awareness of the need to incorporate cyber protection into existing Property & Casualty insurance programs is growing but planning and preparation for the underwriting submission requires a sharp focus to clearly present the risk to the cyber ...
Cyber
2
min read
Cyber Insurance Needs Grow for Public Companies Under New SEC Proposal
On March 9, the SEC voted to propose significant new rules that would enhance and standardize public company disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting.
Cyber
2
min read
Recapturing Opportunity Costs in A&E Cyber Business Interruptions
Architecture and engineering firms sit in a uniquely vulnerable position when it comes to business interruption losses. With so much of its intellectual property existing digitally, a firm can suffer extensive losses of time and revenue in the event ...
Cyber
2
min read
Cyber Risk Alert – Guidance for Log4j Exploit
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive in response to a known zero day vulnerability in Log4j. Apache Log4j is a logging framework that is embedded in applications which allow developers to log ...
Cyber
2
min read
Increasing Cyber Attacks Lead to Increased Regulations
The U.S. government is beefing up regulations and oversight in the fight against cyberattacks. The threats are top of mind for many Americans thanks to an onslaught of high-profile ransomware attacks like the one that hit Colonial Pipeline, sparking ...
Cyber
2
min read
Strength in numbers - and better medical malpractice rates
Before it became part of Risk Strategies, Danna-Gracey, the agency I co-founded with Julie Danna and Tom Murphy, was Florida’s leading independent medical malpractice insurance specialist. One of the ways we drove the early stages of our growth and ...
Cyber
2
min read
Addressing the Cybersecurity Vulnerabilities in IoT
IoT (Internet of Things) interconnected devices present incredible opportunities for businesses to expand connectivity, automate processes and gather real-time data to which they wouldn’t otherwise have access. On the flip side, these devices ...
Cyber
2
min read
FAQ: Kaseya VSA Supply-Chain Ransomware Attack
The United States Federal Bureau of Investigations, the Cybersecurity and Infrastructure Security Agency (CISA) and multiple media outlets have reported a supply-chain ransomware attack exploiting a vulnerability in Kaseya VSA software.
Cyber
2
min read
Colonial Pipeline Breach: Moving the Needle on Ransomware Regulations
Another major ransomware attack is altering the U.S. cybersecurity landscape. The Colonial Pipeline ransomware attack resulted in the temporary closure of one of the largest oil pipelines in the country. Even with operations resuming – and a ...
Cyber
2
min read
Vendor Selection: Best Practices for Risk Management
When we talk about third-party vendors, we’re talking about the companies you employ to provide services to you or your customers. They can be incredibly useful and cost-effective resources, but they also present a big risk to those who contract ...
Cyber
2
min read
Webinar Recap - Lessons Learned from the Field: Real Life Claims Stories
With Robert Rosenzweig, Risk Strategies National Cyber Risk Practice Leader ; Richard Sheridan, Chief Claims Officer at Berkley Cyber Risk Solutions and Steve Krusko, Chief Underwriting Officer at Berkley Cyber Risk Solutions.
Cyber
2
min read
Cybersecurity and Cloud Solutions
The COVID-19 pandemic has led to an acceleration of adoption of cloud solutions and other remote access tools, with many businesses choosing to put aside previous concerns about potential security risks to accommodate a remote workforce. However, ...
Cyber
2
min read
The Consequences of SolarWinds
The SolarWinds breach brought a reckoning in the world of cybersecurity, with calls for systemic changes in an industry that has already had to shift dramatically. What makes this cyberattack different from any of the previous ones, and what does it ...
Cyber
2
min read
Microsoft Exchange Zero-Day Vulnerabilities
On March 2, 2021 Microsoft posted an alert advising users that a threat group known as Hafnium had engaged in numerous attacks using a previously unknown vulnerability in on-premises Microsoft Exchange servers. Experts estimate that over 100,000 ...
Cyber
2
min read
State of the Market 2021: Cyber
Following a turbulent year, it is hardly an exaggeration to say that the insurance market is in full blown chaos. Rates are higher, claims are up, and the market continues to harden. As we brace for what promises to be another challenging year, ...
Cyber
2
min read
Industry Outlook: Cyber Insurance & Cybersecurity
2020 saw the rise of several key trends in the cybersecurity space, exacerbated by the COVID-19 pandemic and an ever-increasing reliance on technology. As we head into the New Year, let’s look at some of the most pressing issues facing our clients ...
Cyber
2
min read
SolarWinds Orion Platform Exploitation Advisory
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive in response to a known compromise and ongoing exploitation by malicious attackers of SolarWinds Orion, SolarWinds Orion, a network monitoring and ...
Cyber
2
min read
The State of State-Sponsored Attacks
The recent advisory issued by the Office of Foreign Assets Control (OFAC) reminded companies to be wary of potential government sanctions when making ransomware payments. There has been an overall increase in state-sponsored attacks during the ...
Cyber
2
min read
The Risks Behind the Telemedicine Boom
The COVID-19 pandemic has placed enormous strain on health care delivery. As providers have scrambled to deliver patient care while meeting new sanitization and social distancing requirements, telemedicine consequently exploded into popularity as ...
Cyber
2
min read
Ransomware Sanctions
The Office of Foreign Assets Control (OFAC) has issued an advisory for businesses who may find themselves victims of ransomware attacks. The advisory warns that making payments to cyber criminals could violate anti-money laundering sanctions. It ...
Cyber
2
min read
The Growing Ransomware Threat: How to Identify & Remediate Common Vulnerabilities
With Robert Rosenzweig, Mike Convertino (Arceo.AI), Bill Hardin (Charles River Associates), and Steve Krusko (Berkley Cyber Risk Solutions)
Cyber
2
min read
The Ripple Effects of a Ransomware Attack
Ransomware attacks are on the rise, and the potential business interruption and remediation costs can be astronomical. Companies often find themselves in a bind because there is no guarantee that paying the ransom will result in getting back stolen ...
Cyber
2
min read
Cybersecurity Exclusions in a Hardening Insurance Market
Back in February, when the DOJ announced that the Chinese government was behind two of the largest data security breaches of American companies in history — the Equifax breach of 2017 and the Marriott breach of 2018, it rattled the cyber insurance ...
Cyber
2
min read
New Risks for Health Care Providers Amid Coronavirus
Hospitals, long-term care, and medical facilities are on the front lines of the pandemic. In addition to the mounting financial losses and personal sacrifices health care workers have had to make, health care organizations face new sets of ...
Cyber
2
min read
Securing the Remote Workforce in the Wake of the COVID-19 Global Health Crisis
As anticipated at the onset of the COVID-19 pandemic the industry has seen a significant uptick in cyber fraud in the last month and a half. The FBI recently cited an average number of 3,000 to 4,000 daily complaints about online scams compared to ...
Cyber
2
min read
Ransomware on the Rise, Changes in Cyber Market on the Horizon
For the last couple of years, ransomware attacks — in which cyber criminals gain access to a computer system, encrypt the data and demand a ransom to restore it — have been on the rise, with a significant acceleration of incidents in the last few ...
Cyber
2
min read
Ransomware & Business Email Compromise Webinar
On Wednesday, April 17th Risk Strategies, in partnership with cyber security experts The Crypsis Group, hosted a webinar looking at Ransomware & Business Email Compromise. We were joined on the webinar by Chris Salsberry, a Senior Director at ...
Cyber
2
min read
The Internet of Insecure Things is Changing Risk Profiles
We’re rapidly entering the Internet of Things (IOT) era; more and more connected devices are coming online every day, from consumer appliances to medical devices to self-driving cars. This exponential growth brings with it greater vulnerability due ...
Cyber
2
min read
Expect More Class Action Lawsuits after CCPA
In terms of data privacy regulation, 2018 was a ground-breaking year. On May 25, GDPR, the EU’s most stringent regulation on data privacy in 20 years, went into effect, imposing fines of up to €20 million or 4 percent of a company’s worldwide ...
Cyber
2
min read
How Cyber Threats Could Impact Your Courier Business
if you're a courier (or really any business) owner, this is an important question to ask, and even more important that you find the answer...
Cyber
2
min read
Hackers get the headlines, but social engineers get the data
Not a day goes by without a data breach of some type making headlines. Most of those headlines are covering breaches perpetrated by so-called black hat hackers exploiting a technical vulnerability. While far less exciting, the vast majority of ...
Cyber
2
min read
Rising Tide of Privacy Regulation
Call it the GDPR effect. Since May, when the European Union’s General Data Protection Regulation (GDPR) – the most sweeping legislation in history for data privacy protection – went into effect, there’s been a growing trend in the United States to ...
Cyber
2
min read
The internet of (insecure) things - a looming risk in health care?
Technology industry research and advisory firm Gartner estimates that there will be 20.4 billion connected Internet of Things devices (IoT) by 2020. Given the growth potential in this marketplace, these products are often rushed to market and the ...
Cyber
2
min read
Trends in Ransomware
At some point, any business could be faced with a malicious ransomware attack. As cyber criminals grow more sophisticated, ransomware attacks are becoming more destructive year after year, and the cost to companies in remediation, lost revenues, ...
Cyber
2
min read
Weak Virtual Links and Your Business
You’re only as strong as your weakest link – and in today’s networked business world that weak link could be anywhere. Another unfortunate reminder of this surfaced recently as a Canadian supplier to major automakers was breached and important data ...
Cyber
2
min read
Think You’re Safe from Cyber Risk? Think Again
When a private equity firm acquires a company, whether it’s a billion-dollar tech company or a mid-sized pizza franchise, the buyer may be taking on more than the seller’s assets; they may also be taking on relevant exposure associated with those ...
Cyber
2
min read
Ransomware – Payment is only the first cost
So far this year, ransomware attacks have topped the list of cyber-incidents plaguing organizations. In these attacks, hackers break into systems and encrypt all data, effectively preventing access without a special code key. Getting that key, and ...
Cyber
2
min read
Listen up – You might have a Silent Cyber Risk problem
Silent Cyber Risk is a new, emerging term that most outside of the insurance industry have never heard. What is Silent Cyber Risk and why is it gaining so much buzz in the insurance industry? In short it’s a term that speaks to the complex chain of ...
Cyber
2
min read
Should Your Business Be Preparing for GDPR? (Spoiler Alert: Yes)
Since I first put pen to paper on this blog just last week, three more major hacks have hit the headlines – The Hudson’s Bay Company, Orbitz and Under Armour Already in 2018, we have seen several high-profile security breaches. Bad news for sure, ...
Cyber
2
min read
Tips for How Small Businesses Can Respond to Data Risk Privacy Risk Management
According to a Business Insurance poll of business owners and risk managers, cyber security and data privacy have taken the lead as the most concerning business risk, over natural disasters, corporate liability, and changing legislation or ...Sorry!
No items currently match your filtering criteria.