The Source for Cyber Insurance News, Insights and Data
Where reporting requirements exist, lawsuits follow. “The Cyber Incident Reporting Act puts in motion important new cybersecurity reporting requirements that will likely apply to businesses in almost every major sector of the economy, including health care, financial services, energy, transportation and commercial facilities.” Source: Biden Signs Cyber Incident and Reporting Act, Requires Reporting
Insurers have been tightening their war exclusions and clarifying attribution requirements, especially after the recent court win by Merck over reimbursement of its losses from 2017’s NotPetya malware attack. “However, in DBRS Morningstar’s opinion, attribution of cyber warfare remains a challenge because it places the onus on the insurer to demonstrate that a cyber incident … Read more
Move is linked to the Terrorism Risk Insurance Program (TRIP) & potential increased industry role by US Treasury Department. “Treasury is navigating a narrow course between trying to work with insurers to gather data on ransomware payments and warning insurance companies and other financial third parties that they run the risk of violating sanctions by making such … Read more
Our prediction is plenty of wrangling on the definition of “materiality.” “The new requirement applies to any cybersecurity incidents that are expected to materially impact a bank’s ability to provide services, conduct its operations or undermine the stability of the financial sector. The rule was approved by the Federal Reserve, Federal Deposit Insurance Corporation and … Read more
“‘Progressive versions of workers’ comp have led to improved employee health and safety measures and proactive prevention efforts to reduce the risk of workplace injuries,’ Kundi said. ‘Similarly, as we better understand cyber risk, better data will show the connection between risk mitigation and cyber losses, pressuring companies to invest in security and protection.’” … Read more