Security news aggregator

Latest coverage for Insurance

Insurance shapes how cyber risk is priced, transferred, and investigated, influencing breach costs, security incentives, and liability.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Cyber insurance transfers some financial risk from security incidents to an insurer under a contract. Policies may cover first-party costs such as forensic investigation, system restoration, notification, and interruption of the insured’s business, as well as third-party privacy or security claims. Coverage depends on limits, deductibles, exclusions, and the policy’s definitions; regulatory penalties and ransom payments, for example, may be restricted or unavailable in some jurisdictions.

For security practitioners, insurance makes evidence of controls an operational and legal concern. Underwriting and claims may examine multifactor authentication, protected backups, logging, vulnerability remediation, access control, and tested incident-response plans. Inaccurate application answers or failure to meet policy conditions can reduce or invalidate recovery. During a claim, organizations may also share sensitive personal, technical, and investigative information with insurers, brokers, lawyers, and responders, requiring careful privacy, confidentiality, and evidence-handling practices.

Showing 4 most recent headlines Filtered view

Experts Suspect Scattered Spider Is Behind Rash of Recent Insurer BreachesAflac is the latest insurance company dealing with a cyberattack. The company is investigating a cyber incident that did not involve ransomware encryption of its IT systems, but did potentially compromise data. Experts suspect Scattered Spider is behind the recent rash of insurance incidents.

Erie Insurance and Philadelphia Insurance Still Recovering From Separate AttacksStatements by Erie Indemnity Co. and Philadelphia Insurance Companies indicate that voluntary decisions to disconnect their systems from the network - not ransomware encryption - have disrupted operations over the past 10 days since the carriers were hit with separate cyberattacks.

Erie Insurance and Philadelphia Insurance Still Recovering From Separate AttacksStatements by Erie Indemnity Co. and Philadelphia Insurance Companies indicate that voluntary decisions to disconnect their systems from the network - not ransomware encryption - have disrupted operations over the past 10 days since the carriers were hit with separate cyberattacks.

Bank Info Security 1 year, 1 month ago

Scattered Spider Targeting American Insurance Firms

Hackers Posing as Help Desks and Call Centers to Target Victims, Google WarnsA hacking collective behind recent cyberattacks on major British retailers has pivoted to target U.S. insurance firms, warned Google. Scattered Spider, tracked as UNC3944 by Google, is a financially motivated threat group consisting largely of English-speaking adolescents.