New SEC Rule Requires Companies to Report Cyber Incidents, FBI Offers Guidance on Delaying Disclosure

Starting December 18, 2023, publicly traded companies in the US will be required to disclose material cybersecurity incidents to the Securities and Exchange Commission (SEC). If an organization determines a cyber incident is “material,” the event must be disclosed within four business days. The FBI, working with the Department of Justice, has released guidance for … Read more

Feds Relaunch Cybersecurity Insurance and Data Analysis Working Group (CIDAWG)

The release from the Cybersecurity and Infrastructure Security Agency (CISA) announces a new partnership with Stanford’s Empirical Security Research Group and centers on analyzing the effectiveness of security controls, with a focus on ransomware. The effort begins in December. “CISA will ask working group members to collaborate with Stanford to improve analysis of the aggregated, anonymized loss … Read more

New York State Mulls Groundbreaking Cybersecurity Regulations for Hospitals

Governor Kathy Hochul has proposed cybersecurity regulations for hospitals, backed by a $500 million allocation in the FY24 budget. These regulations aim to fortify hospital networks against escalating cyber threats, complementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule focused on safeguarding patient data. Under the proposed provisions, hospitals must establish comprehensive … Read more

Better Modeling Will Not Save the Cyber Re/Insurance Industry from Catastrophic Risk: The Geneva Association

“Cyber Risk Accumulation: Fully Tackling the Insurability Challenge” is a useful new report from The Geneva Association (GA), “a global association of insurance and reinsurance CEOs and think tank for the insurance industry.” See information on the report here. We found a number of the report’s findings valuable, including the role and recent history of … Read more

Brits Debate Government Backstop to Cyber Insurance Industry

As in the US, the discussion turns on the threat of a catastrophic “systemic” cyber attack, which could generate $3.5 trillion in “global economic damage” according to a recent model prepared for Lloyd’s of London (which has been tightening its war exclusions). The UK established a backstop decades ago for terrorism coverage after IRA attacks … Read more
