DISC InfoSec blog

Security chiefs should shop early for coverage and prepare for long questionnaires about their companies’ cyber defenses, industry professionals say For many businesses, obtaining or renewing cyber insurance has become expensive and arduous. The price of cyber insurance has soared in the past year amid a rise in ransomware hacks and other cyberattacks. Given these […]

When security fails, cyber insurance can become crucial for ensuring continuity. Cyber has changed everything around us – even the way we tackle geopolitical crisis and conflicts. WhenEinstein was asked what a war will look like in the future, he couldn’t have predicted the importance ofdigital technology for modern societies. According to a report by IDC, […]

For these and other reasons, organizations are increasingly opting for cyber insurance coverage and paying higher premiums year after year. According to the U.S. Government Accountability Office, the number of companies opting for cybersecurity coverage grew from 26% in 2016 to 47% in 2020, and most saw breach insurance premiums increase by up to 30%. Given […]

Governments and law enforcement hate it when ransomware victims pay the blackmail demands that almost always follow a ransomware attack, and you can understand why, given that today’s payments fund tomorrow’s cybercriminality. Of course, no one needs to be told that. Paying up hurts in any number of ways, whether you feel that hurt in your […]

AXA’s branches in Thailand, Malaysia, Philippines and Hong Kong have been hit by a ransomware attack, with hackers claiming they have accessed more than 3-terabytes of sensitive data.  Included in that trove of data, according to the hackers, are customer medical reports – which is also said to expose their sexual health problems – as […]

It might seem logical to try to negotiate the ransom demand down to an amount that isn’t going to break the bank but would still be enough to satiate cybercriminals’ thirst for cash. Unfortunately, this isn’t a good idea, because negotiations can backfire and even cause ransomware gangs to increase their ransom demands. This recently […]

By DISC InfoSec The limited availability of data on cyber incidents has made it difficult to develop full probabilistic models for use in pricing cyber insurance cover. While a few insurance companies, brokers and other companies have developed pricing models that provide quantifiable probabilistic estimates of potential losses based on Fair methodology, the vast majority […]

When IT and security professionals plan how to respond, they must not underestimate the degree to which many of the transformative changes to our working patterns enacted due to COVID-19 have already changed our risk of ransomware attacks. After the first “shelter in place” orders were issued, many organizations swung into action to accommodate work-from-anywhere policies. The […]

Are war exclusion clauses fit for purpose under International Humanitarian Law as cyber-attacks? When UK and US said it was Russia, they weren’t thinking of the litigators! Among the victims was US food giant Mondelez – the parent firm of Oreo cookies and Cadburys chocolate – which is now suing insurance company Zurich American for […]

Credit rating agency Equifax is to be fined £500,000 by the Information Commissioner’s Office (ICO) after it failed to protect the personal data of 15 million Britons. A 2017 cyber-attack exposed information belonging to 146 million people around the world, mostly in the US. The compromised systems were also US-based. But the ICO ruled Equifax’s […]

By Foundstone Services Advancement of technology is deriving proliferation of threat landscape rapidly which extend attack vectors. With proliferation of automated tools available for cyber criminals; it’s not a matter of “if” but “when” there will be a security breach. There are two types of organizations in this category, those who’ve been hacked, and those […]

RESILIA™ Cyber Resilience Best Practices AXELOS’s new guide RESILIA™ Cyber Resilience Best Practices provides a methodology for detecting and recovering from cyber security incidents using the ITIL lifecycle RESILIA™ Cyber Resilience Best Practices Best guide on Cyber Resilience on the web – Cyber Resilience Best Practices is part of the AXELOS RESILIA™ portfolio. RESILIA™ Cyber Resilience […]

by Davey Winder It’s a scenario that every small online business fears: site security is compromised, hackers steal customer data including credit-card details, and your brand and your reputation are left in ruins. No wonder then, that many small online businesses are looking to insure against hackers and the resulting financial impact of a security […]