SEC Hits Firms with Millions in Fines for Inadequate Cyber Disclosures; Sparks Dissent on Commission

Four companies have settled charges by the Securities and Exchange Commission (SEC) that they made “materially misleading disclosures” after being breached in 2020 by the SolarWinds Orion software hack. (US public companies have been required to disclose material cyber events since last year; see this.) But two of five SEC commissioners dissented on the charges, … Read more

Ransomware Response Must Evolve: Deputy National Security Adviser Calls for Ban on Ransomware Payments

Anne Neuberger, the U.S. Deputy National Security Adviser for Cyber and Emerging Technology, wrote an opinion piece in the Financial Times on the evolving nature of ransomware attacks and the need for an updated response. This piece revisits the issue of banning ransomware payments, a topic we’ve previously covered as the ransomware crisis continues to … Read more

Bitsight Launches Enhanced Cyber Risk Management Features for EU Regulation Compliance

In response to the European Union’s stringent new Network and Information Security Directive cybersecurity regulations (NIS2), Bitsight, a global cyber risk management firm, has announced significant investments to enhance its third-party risk management solutions in Europe. These investments aim to help businesses comply with the NIS2 Directive, which mandates stronger cybersecurity measures and improved risk … Read more

New SEC Rule Requires Companies to Report Cyber Incidents, FBI Offers Guidance on Delaying Disclosure

Starting December 18, 2023, publicly traded companies in the US will be required to disclose material cybersecurity incidents to the Securities and Exchange Commission (SEC). If an organization determines a cyber incident is “material,” the event must be disclosed within four business days. The FBI, working with the Department of Justice, has released guidance for … Read more

Better Modeling Will not Save the Cyber Re/Insurance Industry from Catastrophic Risk: The Geneva Association

“Cyber Risk Accumulation: Fully Tackling the Insurability Challenge” is a useful new report from The Geneva Association (GA), “a global association of insurance and reinsurance CEOs and think tank for the insurance industry.” See information on the report here. We found a number of the report’s findings valuable, including the role and recent history of … Read more
