Friday, November 18, 2022

Cyber insurance looks like a great business to get out of… What must your premiums be if 80% of your clients make claims?

https://www.cpomagazine.com/cyber-security/80-of-companies-filing-cyber-insurance-claims-portends-higher-costs-new-requirements-for-security-controls/

80% Of Companies Filing Cyber Insurance Claims Portends Higher Costs, New Requirements for Security Controls

Demand has jumped for cyber insurance recently, and companies appear to be quick to make use of it. A new report from cybersecurity firm Delinea finds that nearly 80% of companies that have coverage have used it, and 50% have used it more than once. Yet only 30% are carrying policies that cover critical risks pertaining to ransomware attacks. As a result, requirements by insurers to implement security controls are already on the rise: over half say they are required to perform cybersecurity awareness training, and just under half are required to implement measures such as MFA and regular data backups.



(Related)

https://www.csoonline.com/article/3680588/fortinet-s-fortiguard-labs-recaps-state-of-ransomware-settlements.html#tk.rss_all

Fortinet’s FortiGuard Labs Recaps State of Ransomware Settlements

It’s painfully obvious at this point that ransomware continues to grow in popularity. As Fortinet’s FortiGuard Labs team found, the number of new ransomware variants doubled in just the first half of 2022 compared to the previous six-month period. It’s no wonder more companies are turning to cyber insurance to help recoup their losses when they do have to pay a ransomware settlement.

That’s an option – but think of it as a parachute for your parachute; it doesn’t take the place of having all of your other safety guards in place. Cyber insurance can also be a double-edged sword. It has grown in popularity and usually compensates for losses brought on by hacking and data theft, extortion and destruction. Because it sometimes covers ransomware costs, it may seem like a reasonable way to address this threat.

But cyber insurance isn't nearly the panacea many firms were hoping for, since hackers are well aware that organizations with insurance are more likely to pay out a settlement for ransomware payments.





Cyber war: ready or not, here it comes…

https://www.cyberscoop.com/biden-nspm-13-pentagon-cyber-operations/

Biden set to approve expansive authorities for Pentagon to carry out cyber operations

The Defense Department has largely won out in a long-running bureaucratic battle with the State Department over retaining its broad powers to launch cyber operations, according to two sources familiar with the matter.

President Biden is set to sign off on these authorities in a newly revised version of National Security Policy Memorandum-13, the official said.

First instituted in 2018, NSPM-13 allowed the delegation of “well-defined authorities to the secretary of defense to conduct time-sensitive military operations in cyberspace,” according to a 2020 speech given by Paul Ney, then the general counsel for the DOD. Designed by President Trump’s National Security Council and promoted by then National Security Adviser John Bolton, NSPM-13 was intended to streamline the approval process for cyber operations that Bolton describes in his memoir as “frozen solid” when he arrived in office.





I wonder if we could get the CEO to ‘volunteer’ for this? Might help at budget time.

https://www.nbcnews.com/pop-culture/tiktoker-consensually-doxxing-people-teach-social-media-privacy-rcna55037

This TikToker is 'consensually doxxing' people to teach them about social media privacy

Many users go to great lengths to secure their social media accounts — but one TikTok creator is showing people that their profiles aren’t as private as they seem.

Kristen Sotakoun, 32, is behind a viral TikTok series devoted to “consensual doxxing,” in which she reveals the birthdates of people in her comments section.

Sotakoun isn’t a data privacy expert, nor is she experienced in cybersecurity. She is a restaurant server in Chicago who simply loves puzzles. And that’s how she views each of her consensual doxxing subjects — as a kind of logic game.





For extreme levels of incompetence we shall henceforth use the phrase, “He Musked it up!”

https://www.bloomberg.com/news/articles/2022-11-17/musk-softens-remote-work-mandate-to-retain-twitter-staffers

Musk’s ‘Hardcore’ Ultimatum Sparks Exodus, Leaving Twitter at Risk



(Related)

https://www.theverge.com/2022/11/17/23465274/hundreds-of-twitter-employees-resign-from-elon-musk-hardcore-deadline

Hundreds of employees say no to being part of Elon Musk’s ‘extremely hardcore’ Twitter



(Related)

https://www.thedailybeast.com/sabotage-shy-elon-musk-boards-up-twitter-offices-until-monday-as-remaining-staff-flock-to-quit-report-says

‘Sabotage’-Shy Musk Boards Up Twitter Offices as Staffers Flock to Quit: Report


