cyber-insurance

Ineffective Response and Perverse Insurance Incentives Compound Ransomware Problems

Published October 14, 2019 | By Dan Blum

Cybercriminals are mining a lucrative revenue source – ransomware. These attackers launch malware to encrypt digital files and demand bitcoin payment to unlock them. We know that local governments are often paying ransom and that private industry is also suffering… Continue reading →

Posted in Dan Blum | Tagged cyber-insurance, incident response, malware, ransomware

Questions to Ask Your Cyber-Insurance Provider

Published May 28, 2015 | By Dan Blum

The breach problem has increased and cyber insurance is on the radar screen for many CEOs. The U.S. Congress is likely to create supportive legislation for cyber-insurance as a vehicle for improved security data sharing and a market-based solution … Continue reading →

Posted in Dan Blum | Tagged breach, cyber-insurance, cybersecurity, sharing

The Future of Security Architecture Certification

Published March 19, 2015 | By Dan Blum

Would you drive over a Bay Bridge built from an amateur building architect’s blueprints? What if the architect passed a multiple choice test first – is that good enough? Society’s answer to these questions is obviously NO. But unlike… Continue reading →

Posted in Dan Blum | Tagged architecture, certification, cyber-insurance, SABSA, security architecture

After the Breach (Part 2): Cyber-Insurance?

Published November 23, 2014 | By Dan Blum

APTs and cybercriminals are in the news again with more end-of-2014 breach statistics emerging from the analysts. Here’s an update of my After the Breach (Part 1) post with links to some of the latest information, and a new… Continue reading →

Posted in Dan Blum | Tagged breach, cyber-insurance, cybercrime, governance

After the Breach (Part 1)

Published October 17, 2014 | By Dan Blum

As I suggested in my CSA Privacy Heat Index post, the extraordinary volume of privacy abuses in the U.S. may be due not only to its permissive regulations on personal data sharing, but also to its dominance of online… Continue reading →

Posted in Dan Blum | Tagged breach, breach; privacy, cyber-insurance, incident response, privacy

Cyber-Insurance: A Market-Based Approach to Risk Management

Published October 8, 2014 | By Dan Blum

Cyber-insurance has never taken off in the industry. But that may be about to change with recent announcements from a major underwriter that a larger pool of policies, and larger policies, than were provided in the past are now going… Continue reading →

Posted in Dan Blum | Tagged cyber-insurance, cybersecurity, governance, risk management, security assessment

Industrial Control Systems (ICS) ISAC Vision for Security Information Sharing

Published September 26, 2014 | By Dan Blum

At first, the Industrial Control System Information Security and Analysis Center (ICS-ISAC) was just a notion Chris Blask got in 2006 that ICS facilities needed situational awareness of computerized systems at the facility level, and that better regional,… Continue reading →

Posted in Dan Blum | Tagged cyber-insurance, cybersecurity, governance, ICS, ISAC, risk management, security assessments

Fearless Security

Published January 7, 2014 | By Dan Blum

I ran across a web site called Fearless Security themed “Taking the Fear out of Security Decisions.” The site also headlines with Roosevelt’s quote: “The only thing we have to fear is fear itself.”

This is a great message for… Continue reading →

Posted in Dan Blum | Tagged cyber-insurance, risk management, security assessments

cyber-insurance

Subscribe to Blog Notifications... HERE