World News

Cyber insurance audit: Painful necessity, or a valuable opportunity? on July 28, 2023 at 12:00 pm

Published

2 years ago

July 28, 2023

Ilia Sotnikov
Contributor

Share on Twitter

Ilia Sotnikov is a security strategist and VP of user experience at Netwrix.

Not that long ago, few companies even considered purchasing insurance to mitigate their financial exposure from a cyber incident, and for those that did, obtaining a policy was as easy as filling out an application and writing a check. Those days are now squarely in the rearview mirror. Today, companies everywhere are rushing to get cyber insurance — the value of the global cyber insurance market reached $13.33 billion in 2022 and is projected to soar to $84.62 billion by 2030.

However, the increased number of policies combined with the sharp uptick in costly attacks led to higher costs for cybersecurity insurance providers. To stem their losses, insurance companies now often require proof that an organization has implemented a variety of security measures in order to be eligible to purchase a policy.

Rather than resisting or resenting risk assessments from potential cyber insurance vendors, IT leaders should regard them as an opportunity to strengthen their organization’s security posture.

Cyber insurance involves risk assessment

Across the insurance industry, policy requirements and premiums vary according to risk assessment. For instance, installing an anti-theft system might reduce the cost of insuring an expensive sports car. A person living in a flood plain can expect to pay more for a homeowner’s policy than someone with a similar house on higher ground — or they might not be able to purchase a policy at all, as homeowners in states like Florida are discovering.

It is the same for cyber insurance. An insurance provider may impose more security demands on a company that hosts large volumes of personally identifiable information (PII) than it does for a company of similar size with far less PII. And organizations that lack sufficient security controls to bring risk down to a level acceptable to an insurance provider might not be eligible for any policy at any price.

What cyber insurance actually covers

The main focus of cyber insurance is obviously on covering the financial risks of an incident. Typically, you can expect the insurance to cover the firsthand costs to the business that are the direct result of the cyber event, such as:

Forensic analysis and incident response. Some insurers require that you engage specific managed incident response services.
Recovery of data and systems caused by actual loss and destruction.
Cost of the downtime due to the cyber event.
Costs incurred from sensitive data breaches, such as handling PR activities, notifying impacted clients, or even providing credit monitoring services to customers.
Legal services and certain types of liability for regulated data, including covering the costs of the civil lawsuits.

It is important to note that insurance rarely or never covers some of the longer-lasting impacts of the event, such as any future profit loss due to theft of intellectual property or the need to invest in cybersecurity program improvements after the event.

There is no consensus on reimbursement for paying a ransom. Not all insurers cover this type of expense. Some experts argue that it can encourage further attacks and fund criminal activities. In some jurisdictions, the discussion is going back and forth on whether paying ransom should be banned altogether.

As with any insurance policy, you can expect extra clauses. These may include the top amount they cover, the requirement to go through a due process with the law enforcement agencies, or involvement in professional ransom-negotiation services.

The must-have security measures for cyber insurance

A recent Netwrix study reveals useful details about the process of qualifying for cyber insurance today. It found that 50% of organizations with cyber insurance implemented additional security measures either to meet the requirements of the policy they selected or to simply be eligible for a policy at all. The figure below shows the specific requirements they reported having to meet:

Image Credits: Netwrix/Netwrix Hybrid Trends Security Report 2023

Don’t take this list as comprehensive or authoritative. For instance, implementing MFA does not necessarily mean requiring MFA for all users; an insurer might require additional authentication only for users with privileged access to sensitive data and systems. In addition, remember that these controls are interrelated. For example, in order to require MFA for access to particular types of data, you need to know where sensitive and regulated data resides and have control over user and administrative privileges.

The value of the global cyber insurance market reached $13.33 billion in 2022 and is projected to soar to $84.62 billion by 2030.

News

Terror Attacks in New Orleans and Las Vegas Linked

Published

1 month ago

January 2, 2025

Bolanle Media Staff

The start of 2025 has been marred by two horrific terror attacks in the United States, one in New Orleans and another in Las Vegas, both occurring on New Year’s Day. These incidents have left communities reeling and have raised concerns about potential connections between the suspects involved.

In New Orleans, a truck driven by 42-year-old Shamsud-Din Jabbar plowed into a crowd celebrating on Bourbon Street, resulting in at least 15 deaths and over 30 injuries. Eyewitnesses reported that Jabbar, a U.S. Army veteran from Texas, deliberately targeted pedestrians while flying an ISIS flag from his vehicle. Following the attack, he exited the truck armed with an assault rifle and opened fire on police officers before being killed in the ensuing confrontation. Authorities discovered improvised explosive devices (IEDs) within his vehicle and in the vicinity of the attack site, further confirming the premeditated nature of this act of terrorism.

Simultaneously, a separate incident unfolded in Las Vegas when a Tesla Cybertruck exploded outside the Trump International Hotel. The driver, identified as Matthew Livelsberger, also had a military background and was reported to have detonated the vehicle packed with firework mortars and fuel, resulting in his death and injuring seven others. Investigators are exploring whether Livelsberger and Jabbar had any prior connection, as both men served at the same military base at different times.

While the FBI has confirmed that they are investigating both attacks as acts of terrorism, they have not established a definitive link between the two incidents. However, similarities in their execution—both suspects rented vehicles from the same company—have prompted further scrutiny into their backgrounds and any potential accomplices.

As investigations continue, authorities are urging anyone with information about either suspect to come forward. The tragic events have sparked discussions about security measures in public spaces, particularly as cities prepare for large gatherings in the coming months.

**Your support keeps us going!**
**Every purchase helps us do what we love. Thank you!**

Bolanle Media is excited to announce our partnership with The Newbie Film Academy to offer comprehensive courses designed specifically for aspiring screenwriters, filmmakers and actors. Our services now include acting classes. Additionally, we are introducing film reviews by experienced critics and professional press article writing covering industry news and trends. Whether you’re looking to craft compelling stories, enhance your acting skills, or gain insights into the film industry, our resources will equip you to thrive in this competitive field. Join us today to unlock your creative potential and bring your artistic vision to life!

Politics

Donald Trump Named TIME’s 2024 Person of the Year

Published

2 months ago

December 15, 2024

Bolanle Media Staff

Donald Trump has been selected as TIME magazine’s Person of the Year for 2024, marking his second time receiving this distinction. The former president, who won a historic comeback victory in the 2024 election, was chosen for his significant impact on global affairs and American politics.

TIME editor-in-chief Sam Jacobs explained the decision, citing Trump’s “comeback of historic proportions,” his role in driving “a once-in-a-generation political realignment,” and his reshaping of both the American presidency and the country’s global role. This recognition comes after Trump’s unprecedented achievement of reclaiming the White House after losing reelection four years earlier.

The selection process involved an extensive interview with Trump at Mar-a-Lago in November, covering a wide range of topics including the economy, foreign policy, and his plans for a second term. Notably, TIME took the unprecedented step of publishing a comprehensive fact-check alongside the interview transcript, examining 15 distinct assertions made by Trump.

Trump’s relationship with TIME has been tumultuous over the years. While he expressed honor at receiving the title in 2016, he has also criticized the magazine’s selections and even claimed he refused a potential Person of the Year offer in 2017. Despite this, Trump participated in the process this year, granting TIME access for an in-depth interview.

To commemorate the announcement, Trump rang the opening bell at the New York Stock Exchange (NYSE). This event marked a significant moment in Trump’s career, as it was his first time participating in this Wall Street tradition.

Trump’s selection as Person of the Year reflects his continued influence on American politics and his ability to reshape the political landscape. As the country prepares for his return to the White House, all eyes will be on how Trump’s second term might further impact both domestic and international affairs.

Bolanle Media is excited to announce our partnership with The Newbie Film Academy to offer comprehensive courses designed specifically for aspiring screenwriters. Whether you’re just starting out or looking to enhance your skills, our resources will provide you with the tools and knowledge needed to succeed in the competitive world of screenwriting. Join us today to unlock your creative potential and take your first steps toward crafting compelling stories that resonate with audiences. Let’s turn your ideas into impactful scripts together!

Film Industry

Jay-Z Denies Allegations Amid Lawsuit

Published

2 months ago

December 9, 2024

Bolanle Media Staff

Jay-Z, the renowned rapper and music mogul, faces serious allegations in a recently amended civil lawsuit. According to ABC News and NBC News, the suit accuses him and Sean “Diddy” Combs of raping a 13-year-old girl at an MTV Video Music Awards after-party in 2000.

The lawsuit, initially filed in October 2024, was updated on Sunday to include Jay-Z as a defendant alongside Combs. The plaintiff, identified only as “Jane Doe,” claims she was assaulted after being driven to the party following the awards show.

Jay-Z, whose real name is Shawn Carter, vehemently denies the allegations. He released a statement on X calling the lawsuit a “blackmail attempt” and questioning why it was filed as a civil case rather than a criminal one. The rapper expressed concern about the impact on his family, stating he and his wife Beyoncé would need to discuss the situation with their children.

Combs, who is currently in federal custody on separate charges, has also denied the accusations through his attorneys. The lawsuit alleges that an unidentified female celebrity was present during the incident but did not intervene.

The case has garnered significant media attention, with both artists’ reputations at stake. As the legal process unfolds, the music industry and public await further developments in this high-profile case.