security

When the European Union General Data Protection Regulation (GDPR) came into effect in May 2018, we in the cyber insurance industry all wondered how zealously each national enforcement agency would levy fines for the inevitable infringements.... Read More >
Cyber attacks have become the most prominent threat or disruption to business entities in recent years. Corporate entities are concerned about damages to their brands, the stability of revenues, and the safety and privacy for their employees and customers because criminals have become more sophisticated at figuring out standardized security and evading defenses. Specifically, cyber attacks present unprecedented challenges to 21st century enterprises because of the speed of occurrence and severity of damage, along with the enterprise’s vulnerability to keep up with the evolving complexity and volume of cyber threats. ... Read More >
Bug bounty programs are growing at an incredible rate. According to the 2018 Hacker Power Security Report, almost every statistic about bug bounties has increased: from a 54% increase in new programs launched to a 49% increase in the number of reports submitted and vulnerabilities disclosed publicly. This is a positive sign for the future of the disclosure industry, in contrast to a troubled beginning when companies and governments pursued legal action against those who reported vulnerabilities (such actions, however, are still happening). ... Read More >
At the time of the announcement, the Cyence Cyber Risk model was predicting that Marriott had a probability of 83% of having any incident and a probability of 43% of having a data breach specifically. Perhaps more relevant, our model estimated a 12% probability of having an insurance relevant incident. ... Read More >
I recently hosted a webinar with my Guidewire colleague Caleb Merriman and Amazon Web Services (AWS) Global Head of Financial Services Partner Technology, Peter Williams. The focus was application security in the cloud from the perspectives of the cloud service provider (responsible for security OF the cloud) and the customer (responsible for security IN the cloud).... Read More >
“Is my data more secure in the cloud than it is on premises―or less secure?” That’s one of those million-dollar questions, isn’t it? Fortunately, we can easily answer that question in a single blog post…... Read More >
I love technology. It’s one of the reasons I live in Silicon Valley (aka Nerdvana). And although I’d like to say I’m young for my age, I’m old enough to remember LBPC (life before personal computing). Amongst the valley’s cultural attractions, my favorite is the Computer History Museum. As I tour the displays, I remember working with equipment and systems that are called artifacts today.... Read More >