Podcasts about cyber liability insurance

On this episode of Compliance Unfiltered, the CU guys go on a myth-busting adventure into the realm of Cyber Liability Insurance. Curious if you can buy enough insurance to replace your full compliance program? Wondering about common issues pertaining to the Cyber Liability Insurance application process? Concerned about those blurry lines regarding data security and responsibility? Well the CU guys have got you covered with all these answers and more, on this week's Compliance Unfiltered!

Show Website: https://mspbusinessschool.com/ Guest Name: Brian Guenther LinkedIn page: https://www.linkedin.com/in/brianwguenther/ Company: Exceed Cybersecurity & I.T. Services Website: https://www.exceeditmd.com/ Host Brian Doyle: https://www.linkedin.com/in/briandoylevciotoolbox/ Brian Guenther is a seasoned cybersecurity expert and the founder of Exceed Cyber. With over 26 years of experience in the IT and cybersecurity industry, Brian started his career by building PCs and gradually transitioned into IT franchise ownership. He founded Exceed Cyber in 2017, focusing on helping businesses navigate the complex landscape of cybersecurity compliance, specifically for those with federal contracts mandated by regulations such as CMMC, SoC2, and ISO 27001. His deep understanding of governance, risk, and compliance processes makes him a valuable asset for companies needing to secure their operations against current cyber threats. Episode Summary: In this enlightening episode of MSB Business School, host Brian Doyle sits down with cybersecurity expert Brian Guenther to discuss the nuances of the Cybersecurity Maturity Model Certification (CMMC). As regulations around cybersecurity become more stringent, especially for defense contractors, understanding CMMC's requirements and implications is crucial. Brian Guenther, with his wealth of experience, dives into the evolution of CMMC, highlighting its origins, the essential controls necessary for compliance, and the critical role MSPs play in this landscape. The discussion delves into how CMMC has become a focal point for organizations dealing with controlled unclassified information (CUI) and why being prepared for compliance is vital. Brian Guenther emphasizes the importance of proactive engagement in compliance processes, illustrating how MSPs can leverage their positioning by becoming CMMC-certified to differentiate themselves in the marketplace. He also sheds light on the geopolitical nuances affecting these regulations and how changes in political leadership might influence—but not diminish—the momentum towards stricter cybersecurity standards for federal contractors. Key Takeaways: CMMC is paramount for defense contractors: Understanding and implementing CMMC is crucial as it enforces standards that contractors should have been following since 2017. Compliance does not equal security: While security frameworks like NIST 800-171 underpin CMMC, compliance serves as an initial checkpoint rather than the full spectrum of cybersecurity. MSPs must prepare adequately: Even though MSPs are not directly required to certify under CMMC, being prepared and knowledgeable is crucial for assisting clients. Cyber liability is a key driver: Insurance and regulatory requirements are pushing businesses to adopt more sophisticated cybersecurity measures. Proactive steps are essential: Waiting for enforcement isn't viable; MSPs and their clients should start their compliance journey immediately. Sponsor vCIOToolbox: https://vciotoolbox.com

With all the hacks and breaches we've seen, Cyber Liability coverage is vital—but there's SUCH a lack of standardization that there are wild, wild variations from one policy to the next. Check out this episode, with expert Robert Romar, where we talk “all things an employer needs to know about Cyber Liability Insurance!"About the Show:The H.I.T. Podcast, Ep #1 (Powered by Montage Insurance Solutions): A thought leader in the space, curating the top news and information to deliver a brief, high impact overview designed specifically for the Human Resources professional, business person, and company executive.Find out more here: www.hitpodcast.comThank you to our Sponsors: Kingdom Legacy Benefits (KLB), Cigna and Equitable!

David Elfering, CISO at Carrix and former security and risk executive at Marsh, is back for another episode of the Claroty Nexus podcast to discuss cyber liability insurance. Elfering has extensive experience working not only as an enterprise cybersecurity executive, but also with one of the world's leading insurance carriers. Listen as he brings insight on that perspective, how carrier cybersecurity requirements align with risk reduction, red flags that can imperil coverage or claims, and how cyber insurance providers are looking at geopolitical conflict. 

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: David Elfering on CISOs and Cyber Liability InsurancePub date: 2024-01-04David Elfering, CISO at Carrix and former security and risk executive at Marsh, is back for another episode of the Claroty Nexus podcast to discuss cyber liability insurance. Elfering has extensive experience working not only as an enterprise cybersecurity executive, but also with one of the world's leading insurance carriers. Listen as he brings insight on that perspective, how carrier cybersecurity requirements align with risk reduction, red flags that can imperil coverage or claims, and how cyber insurance providers are looking at geopolitical conflict. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 31 · TOP 5% what is this?)Episode: David Elfering on CISOs and Cyber Liability InsurancePub date: 2024-01-04David Elfering, CISO at Carrix and former security and risk executive at Marsh, is back for another episode of the Claroty Nexus podcast to discuss cyber liability insurance. Elfering has extensive experience working not only as an enterprise cybersecurity executive, but also with one of the world's leading insurance carriers. Listen as he brings insight on that perspective, how carrier cybersecurity requirements align with risk reduction, red flags that can imperil coverage or claims, and how cyber insurance providers are looking at geopolitical conflict. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Hello, I'm Mark Bassingthwaighte, the risk manager here at ALPS, and welcome to another episode of ALPS In Brief, the podcast that comes to you from the historic Florence building in beautiful downtown Missoula, Montana.  Okay, today it's just me, and we're going to talk about managing cyber crime risks and really looking at the whys behind what it does in terms of obtaining cyber liability insurance. And I really want to dig into this a little deeper. I still get a lot of questions about insurance, what it does, what it doesn't do, and is it necessary, and the list goes on and on and on. So let's hit that topic.  Before we jump into some of the specifics of using insurance to manage your risk, I want to set the stage again, I always start my cyber programs with some information. Let's look at headlines from 2022.  In 2022, 255 million phishing attacks occurred in just six months. Now this is a report done by SlashNext, and they analyzed billions of link based URLs, attachments, natural language messages in email, mobile, and browser channels over six months and that's what they found. And that's a 61% increase in phishing attacks compared to 2021. That's pretty significant. They also recorded a 50% increase in attacks on mobile devices. And I really ask that you pay attention and try to appreciate the significance of that. Cyber criminals really are moving their attacks to mobile and personal communication channels to reach employees. The big attacks right now are scams and credential theft. They're the top of the list or the desired outcome with these mobile attacks. And a lot of this will be a phishing and smishing, using SMS text messaging as the attack avenue for a phishing attack, if you will. Smishing is combining SMS and the word phishing, so that's how you get to that.  The FBI has reported that cyber criminals are tampering with QR codes in an attempt to steal victim funds. A lot of people will say, "Well, I'm not going to be that exposed to this stuff, and how frequently is this all this going on?" I got to tell you, it's getting a little crazy out there. Remember QR codes, for instance during the pandemic, particularly as things started to open back up and you go out to restaurants. And instead of handing you a menu, they'd have that little QR code, that little box that has all the dots and dashes and little squares and things in it. And you would scan that and it would take you to the menu or a webpage. Well, a lot of these can be faked. People will just create a QR code sticker and put it over.  Think at a parking lot and you go to scan something to pay your bill, your parking fee, and if you're misdirected to a site that looks like the site that you would expect to pay your parking bill for the evening, but it's not, you've just turned over your account information to somebody that doesn't have your best interest in mind. We've seen it in parking tickets, creating fake parking tickets. And again, it'll have the local parking authority logo and the little yellow envelope and they stick it on your windshield. And again, ah, good lord, I got a parking ticket. They make it very convenient to scan the code. It's not real. So we got to be careful.  We're even seeing QR codes being sent via email pretending to be a multifactor authentication process. And the emails may even mimic corporate logos, law firm logos, it could be anything. And people are falling prey to this. So it's just another crazy unusual attack vector that a lot of folks out there really aren't aware of.  There's also a report that 79 million malicious domains were flagged in the first half of 2022. Please understand what that means. 79 million fake websites. Banks, could be anything, anything at all. And again, they're going to look very, very similar to the real thing. That's 79 million opportunities for anyone at your firm, you or any other employee or attorney practicing at your firm. It's just an opportunity for them to do something innocently, naively, but it's just getting scammed, getting taken advantage of.  The final thing I'll throw at you here in 2022, the A Legal Technology Survey results reported that 27% of participating law firms reported experiencing a data breach of some kind.  So I try to share all this to get your attention, because we need to always remember that IT support isn't the last line of defense. You and whoever else has access to your office network is the last line of defense. And this has consequences, and it really does. The consequences, you really need to care because as a lawyer, you are a valuable target, particularly those of you who practice in the solo and small firm space. I know a lot of lawyers don't believe that. They just think we're not going to be on anybody's radar. It's a rural practice, as an example. Well, come on, there is no such thing as rural on the internet.  And you're considered in the so small firm space sort of the low hanging fruit because the cyber criminals know that you don't have typically the financial wherewithal and oftentimes the deep understanding of everything that could be done. I think the financial wherewithal piece is probably the bigger piece because you just can't throw the same kind of money that a company like Microsoft does around their cloud, protecting your data there as an example. So you're sort of viewed as the low hanging fruit.  And you really need to care because I got to tell you, it's only a matter of time. Robert Mueller, if you remember, the former director of the FBI, famously said, "There are only two types of companies, those that have been hacked and those that will be hacked." But almost actually at the time he said that, that kind of statement was out of date. It really should be something more like there are only two types of companies, those that have been hacked and those that don't know they've been hacked. I mean, I'm not trying to be melodramatic about it, I'm just sharing. It's not if, it really is when.  Now this presentation really isn't about all the things that you can do to prevent becoming a victim. I have lots of other materials, podcasts, CLEs, webinar, all sorts of stuff that can go there. I will share that there is a checklist, a cybersecurity checklist available, if you have any interest, on our website. Just go to the homepage and under resources, scroll down a little bit, you'll see sample forms of checklist. Check there and you'll go in and there'll be another link to checklist and the cybersecurity checklist is there, and that might be useful to you.  But I do want to discuss the risk associated with not being proactive with your cybersecurity efforts. And just as an aside, this really in terms of cybersecurity, proactive efforts, that really does need to include social engineering awareness training, even if you're just a true solo and it's you. You need to stay abreast of what's happening. So I'll just throw that out there.  Okay. Some of the risks your firm faces by someone, anyone at your firm, not doing their part. This really is an all hands on deck kind of situation. Well, let me just read some of the things that can go wrong in terms of the types of risk. I mean, we're sort of talking about the legal and financial risks, but there's legal liability to others, employees, clients, third parties, for loss, theft, or unauthorized disclosure of personally identifiable information. And there may be legal liability for the theft of client funds. Think wire fraud or business email compromise, being tricked and scammed into sending typically larger sums of money to the wrong bank and just a cyber criminal. Legal liability for the theft or loss of third party corporate information. Being subject to regulatory action for the failure to comply with state breach notification laws. Having to cover the costs of responding to and recovering from a breach. Damage to your reputation. Loss of revenue due to a breach. These are things to take pretty seriously. I mean, this can get crazy fairly quickly.  I would encourage you to pay attention to this. The typical costs of a network breach for small businesses is currently around 200,000. And I will share the device theft, think of smartphone, jump drives, laptops, et cetera. So device theft of these mobile types of things. Wire fraud and ransomware are really common problems we see for law firms in terms of the lawyers and the firms that we insure.  So as an aside, and just again keep your attention in play here, there could be a coverage problem. Think about, a lot of lawyers have fallen prey to various types of financial fraud. But let's just talk about this in the context of wire fraud, being tricked into sending money to the wrong bank because a routing number has been changed and you weren't aware that that change occurred and didn't do anything to try to catch it. And the lawyers will immediately call in and say, "This is malpractice. I got to file a claim." Well, I'm not so sure that that's the case. Theft of funds is a property loss, and malpractice actually doesn't cover property losses.  So wire fraud, theft of funds, can be in many instances an uncovered loss if the only way you're trying to ensure for that is through a malpractice policy. Read your policy. This is not unique to ALPS. These policies weren't intended or designed to cover cyber crime. Now, we'll explore that a little bit more here in a bit, but generally, I mean, that's not the purpose behind it. It's really to cover you for professional negligence in the practice of law.  Okay. Now, let's talk about the fallout. So let's assume, I'm not going to look at this never happens, but we'll see, that there is some type of breach. And I'm not talking about wire fraud here, I'm talking about a data breach so that someone really is in the system. What does that mean? How does this play? Well, you need to understand, we're going to start, if you will, with the response and system recovery. So someone needs to come in, typically a forensic team, IT forensic team, that typically is not your IT support. These folks typically know a great deal about how to protect you, but often don't have the skillset to do the forensic piece once there is a breach. That's a different group.  So they're going to come in and they need to understand the breach, try to figure out what happened and terminate it if it's still going on. There may be programs that have encrypted your system and as you try to clean that up may still be there and that can encrypt again. So they have to terminate, try to clean up. This team is going to try to figure out the who, the what, the when, the where, the how. Really understand.  Well, while all this is going on, you don't have access to your network. They need to image typically the entire network. And that's something that doesn't happen... The preserving the evidence of the crime, and it helps them evaluate and understand, and that doesn't happen in half an hour. So you're not going to have access to your systems and your data while this is going on. Now, how long can that take? It depends on the type of breach and what's going on. If it's just a lost laptop that has some passwords on it, they could probably do a remote kill and try to evaluate was that laptop and any passwords used to access the network? So that may be relatively brief. But if there is a major ransomware attack, as an example, and everything's encrypted, it could be days to even several weeks. It just depends.But we need to think through that, and how would that impact your practice? Some it may not be too bad, others, it could really be a pretty devastating event.  So once all that's done, you understand, okay, man, they're starting to build the system back. Phew, we're going to get through this. It's still not over. Every jurisdiction in the United States has their own unique breach notification law and you need to comply with these. And you need to understand too what states are in play. It's not about, well, I practice here in Florida and that's it. If in your database there's information from clients and third parties, and just the list goes on and on, of people in multiple surrounding states, you may have to comply with those state breach notification laws as well. Typically, there's some cost of notifying all the people that have been impacted by this. The cost of compliance. Do you want to pay for credit monitoring? The list just goes on and on. Reputation management, et cetera. This can get expensive. So that can be managed obviously, but I want you to hear and understand, a breach can be significant. It's not just the loss of money, whether that's a ransomware payment or wire fraud, there's lots of other things that can go on.  And you need to think about, there's all kinds of information in your files. There's just gobs of information out there. So again, don't minimize the consequences of a data breach.  Now the good news of course, and where I said I'd go with this was, that you can manage this risk with the purchase of a cyber liability insurance policy. And of course, I would always couple that with following through on cybersecurity best practices. You don't get a reference to a lot of things in that checklist. There are other proactive things you can do, making sure that there's robust security software running on all the mobile devices at work or anything that used for work. So work from home folks, if they're using personal devices, we need to protect these things. But let's focused on this insurance piece.  At the outset, I do want to share that the purchase of cyber insurance, depending on how much coverage you'd like, the type of coverage you're looking for, how big your firm is, this discussion, sort of tangential discussion on security best practices, getting back to that checklist, is important because an insurer may make it a requirement that you do certain things. You may have to have multifactor authentication in play. They're just going to be looking and asking questions about, what is your security posture? What steps have you taken? What processes are in play? Do you use out-of-band communications as an example to verify the accuracy of all wiring instructions prior to wiring funds? So there are a variety of things that can be important here.  So the accuracy of the information you provide in terms of the application going through the process is going to be very, very important. You don't mislead. Don't lie. Say, "Well, I know this is what they want to hear, this is what they want us to do, and we try, but this is our intent." If post breach an insurer learns that you in fact weren't doing all that you said you were doing on the prevention front, you may have a serious, serious coverage problem. So I do want to focus here just a side moment on these security best practices. That can be very, very significant.  But what basically does cyber liability insurance provide? What do you get for your premium dollar? It's really looking at providing coverage for the type of losses I had talked about a bit. Commonly, you're going to see these policies cover business interruption, as an example. So that would be covering the loss of income and forensic expenses sustained during the period of restoration after the breach. Now, that coverage may be contingent upon a short waiting period. Media liability. So that's things like copyright or trademark infringement, malicious defacement of a website, and liable.  Data recovery. So we're talking about the reasonable and necessary costs incurred in order to regain access to, replace, or restore data, or the reasonable and necessary costs incurred in order to determine that the data cannot be accessed, replaced, or restored. So I think ransomware as an example. And then sometimes you might even pay for a decryption key that don't do much, or you might've been impacted with wiperware and your data's just been erased and destroyed. So there's some costs in terms of trying to figure out, what can we get back and is it doable?  Privacy breach response. So that's the expenses associated with complying with relevant breach notification laws. We had talked about that. Look for a policy that includes coverage for the cost of privacy counsel, forensic investigators, and notification and credit monitoring services.  It will also provide typically, again, data and network liability. Now, these are the damages and expenses related to claims resulting from a breach of data in your control or a third party, and damages and expenses resulting from a security breach. Examples of a security breach would include unauthorized access or use of network resources, a denial-of-service attack, an insertion of malicious code, if somebody downloads something and it's maybe a key log or just tracking what's going on your network, and the transmission of malicious code from your network, so someone's using your network to harm somebody else.  Crisis management. This is the expense associated with bringing in outside experts to investigate the incident and fix the problem. And with some policies can include the cost of a public relations consultant.  Cyber extortion. This is the expense associated with investigations and paying for the return of or gaining back access to data. Now, one thing to be aware with cyber extortion, it is pretty common in the cyber insurance space that you need permission in advance from the insurer to make that ransom payment. It has to do with regulations that monies can't be paid to nation states. You don't want to pay the Iraqis, as an example, their military. And they're very involved in ransomware. So there's some issues there. But I'm just making you aware of that little side note, but typically money is available in terms of reimbursement.  Fraudulent instruction. This is a loss resulting from the transfer of funds after relying in good faith on an instruction that was a misrepresentation of a material fact. Now again, coverage may be contingent upon an out-of-band communication taking place. Again, if you're not familiar, an out-of-band communication is, let's say that the wire fraud instructions come via fax. So that's the inbound communication channel. An out-of-band communication channel means we changed the communication channel for an outbound communication in an attempt to verify the accuracy of the information that was received in the inbound communication. So incoming fax, wire instructions. I pick up the phone with a previously verified number from whoever sent the fax, and I will read the information, Hey, Sue. I just want to verify, thanks for sending over the fax, got everything. Is this information correct?"  Because these things can and have been and will continue to be intercepted and changed. So if a call comes in, it could be a deepfake audio. And I'm telling you folks, this has happened. You're not talking to who you think you're talking to so you have the information. So use a different communication channel to reach back out and confirm. That's an out-of-band communication. That's what we mean by that.  Some other benefits from cyber liability insurance. It can cover regulatory defense and penalties. These are the expenses and penalties that an insurer is obligated to pay as a result of a regulatory proceeding that arose due to a data or security... My tongue is getting twisted today. A security breach.  And finally, payment card liabilities. So it might be PCI fines, the payment card industry PCI fines, costs, expenses. An insurer is legally obligated to pay as a result of a data or security breach.  So these are some of the common coverages you will typically find in a cyber liability policy. And again, that's some pretty thorough stuff and can really help you manage the risks and get through this, in again, the event that there is a significant data breach of some type.  Now, a few things to keep in mind and just be aware of. There are going to be exclusions for war and state sponsored attacks. I would think that wouldn't be much of a surprise. But the current Russia-Ukraine war is one obvious example as to why. NotPetya, which was... It looked like ransomware. Russia released it into the wild prior to the onset of the war, but leading up to it, in an attempt to really do some serious damage in Ukraine. But it just spread and went global. And that NotPetya was what we call wiperware. It looks like ransomware, acts like ransomware, but the intent is not to hold your data ransom for some payment, the intent is to wipe your data, just get rid of everything. That's not good. And it is nasty, nasty stuff.  Also be aware that these policies cover data. They don't cover hardware. If you have a lightning strike and your server's just toast, a cyber liability policy isn't going to respond. That would be something you'd cover under your general insurance, your business owner's policy or your commercial package, whatever that might be.  Some common exclusions just to be aware of, breaches that occurred prior to the effective date of the policy. Now there's a growing move in this space to kind of be a little more liberal with that in terms of this insurance space because it just just very difficult to try to figure out when these things occurred.  But if you are breached and you know it, and you come and buy a cyber liability policy, the house is already on fire, that's not going to work. You would have to have absolutely no idea that a breach occurred. Because sometimes these people can be in your system for months and sometimes even a year or more. That's just the way it is.  Insider attacks. If somebody in your employer, another attorney in the firm, just makes bad decisions for whatever reason and does a lot of damage, again, insider attack, that's not going to be covered.  And some policies, think about what I'm about to share here, phishing scams are often not covered or maybe subject to a sublimit. And really what that's talking about and getting to is yet again, wire fraud business email compromise. It's the loss of funds. Other examples might be someone who stripped it and buying a bunch of gift cards to pay something. Turning over credit card information.  You might ask if there's a social engineering endorsement available that might pull some of this back in. And again, if there is coverage under the policy, typically it's a sublimit and it's not going to be as high as the general limits of the overall cyber liability coverage that you might purchase. So for example, let's say you buy $250,000 in coverage, the sublimit on these kinds of theft of funds might be just 10% of that, so 25 grand. You could also look at getting some coverage under a crime policy, and that's probably the most effective way to try to get this covered. But every carrier is going to be different. I'll come back to that here in a moment.  Also, an attack resulting from a failure to correct a known vulnerability. So if you are continuing to use outdated systems because hey, Windows 8 still works wonderfully, even though you know that it's no longer supported and there's no security patches and up where, as a result of that, you're not keeping systems current and patched and there's a breach. If you're using unpatched systems, outdated systems, that may void coverage for anything. So you need to just be aware.  There are different types, different ways I guess to say, to get into this. A lot of malpractice carriers have what I would say an add-on. It's sort of in part.... Maybe the best way to say is it's some type of cyber endorsement to a malpractice policy. And that's not bad, don't get me wrong. It's better than nothing. But understand these endorsements, these add-ons, often come with lower limits and less broad coverage. And part of the reason that that's the case is due to limited, and at times even no, underwriting being involved in that cyber insurance piece. You can opt in. Sometimes it just is automatically there depending on the carrier. So again, it's important to have some type of cyber coverage, but I need you to understand if you're not really reading these policies, these endorsements, and really understanding what they do and don't do, you might be running with some assumptions. I really prefer to see a freestanding cyber policy.  And just as a aside real quick. I shared that this add-on and the automatic, if you will, endorsement is in some malpractice policies. You'll also see that at times in some business owner package policies as well. But again, the same issue is in play. It's not as austere. Just not as broad. Limits aren't going to be as high. So I would encourage you to look at standalone coverage.  How much? Boy, that is a tough one. I would say in the solo and small firm space, I would want to at a minimum be looking at a quarter to half a million, and understanding that we're talking about the expenses and consequences of a data breach as opposed to theft of funds. I'm going to look at theft of funds perhaps at a higher amount separately, just depending on how much money you're moving through your accounts.  And also, just as an aside, some of the cyber policies, even the standalone policies, will cover theft of your funds, but not theft of client funds. So if money is accidentally wired, firm money wired to a wrong vendor making a payment or some sort out of the operating account, okay, cyber will cover that. You wire 850,000 of client funds out, the cyber policy may not cover that at all. So you really need to ask and look into this. Because it's again another reason to look at a crime policy or a crime endorsement and see what you can do there. You may need to have several different policies in play even to get to this total that whatever you're looking at.  If you can get to a million, even better. But again, I don't know enough about your individual practices and firms in terms of how valuable is the data. How much do we have here? That's something you're going to have to maybe talk with an underwriter or a marketing person with, business development person, with your insurer, to really gets a better ideas of what to do there.  The final thing I want to throw at you is just know that these policies differ, at times substantially, between insurers. So it's worth at times shopping the market a little bit. Prices can be quite variable as well. A lot of the variability goes with just what coverage is being offered. If you have a policy that's going to cover your money and client money as an example, that's going to be more expensive than a policy that doesn't cover any loss of funds in terms of wire fraud and these phishing scams. So again, you have to make sure you're comparing apples to apples.  But know that this is a very dynamic market relative to life insurance and lots of other... They've been around for decades and decades. This is new stuff. And the risks are changing almost daily. It's very difficult for an insurer to really understand what their exposure's going to look like two or three years down the road, based on what the risk analysis is today. Who knows? AI as an example. How is this going to change things? How significant will deepfakes become? They are already in play, so please... But I'm just trying to share, can you appreciate how challenging it is? An insurer has to set premium on an unknown risk. It's changing and evolving very quickly. So that's why you will experience and see great differences perhaps in coverage, differences in premium, et cetera. So it's really worth sitting down and talking with someone about how to move forward and what might be best for your situation.  So that's really all I have on cyber liability. I hope you found something of value. And I like at times to go back and say, "What are the takeaways here?" And the biggest takeaway for me, if I'm sitting in your shoes, if you already have not done so, I strongly encourage you to consider adding cyber liability insurance to your insurance portfolio. In my mind, I just honestly have seen too much. And I truthfully can say I've been involved post breach with a number of firms in a number of different situations, and more than a few really never recovered. The financial hit was just too much, and that was that. So I want to make sure, my hope is that you hear, that there's some learning that we can obtain from the experiences of others. So I'll leave it at that.  Again, I'm Mark Bassingthwaighte. If you ever have a need, desire, concern that you want to talk about, please don't hesitate to reach out. My email is mbass@alpsinsurance.com. You do not need to be an insured to visit with me. There's no cost. I'm hired to be a risk manager for the bar at large. I'm hired to be your risk manager. So if there's ever anything I can do on cybersecurity, explaining insurance, and a lot of lawyers have questions about legal malpractice insurance and other types of coverage, happy to talk. Ethics, malpractice avoidance, [inaudible 00:41:54], whatever, I'm here. That's it. Bye-bye all. 

In this episode of Cut to the Chase: Podcast [Hosted by Gregg Goldfarb], Jonathan Singer explores the importance of protecting digital assets and the role of cyber liability insurance in mitigating the risks associated with cyber threats. He highlights the recent increase in cyber-attacks on law firms and emphasizes the need for companies to prioritize cybersecurity. Jonathan discusses the vulnerabilities exploited by hackers, such as sight challenges and hearing issues, and the assistance features built into web programs to aid individuals with disabilities. He also emphasizes the need for small businesses to invest in cyber liability insurance, as ransomware attacks and data breaches pose significant risks. Jonathan shares a personal experience of a cyber attack and how cyber liability insurance could have provided relief during the ordeal. So, Let's Cut to the Chase! Here are 10 Key Takeaways you will hear from Gregg and Jonathan's Conversation: Digital assets, including personal identifiable information, must be protected from cyber threats. Cyber liability insurance can assist businesses in handling the financial and negotiation aspects of a cyber attack. Companies need to prioritize cybersecurity, regardless of their size or industry. Remote work has increased the importance of personal computer and email security. Small businesses should consider investing in cyber liability insurance to protect against ransomware attacks and data breaches. Compliance and proactive measures are crucial to prevent reactive situations and minimize cyber risks. Cyber liability insurance coverage is evolving to address emerging cyber threats. The healthcare industry and public entities face complex challenges related to cyber threats. Cyber liability insurance negotiates ransom payments and provides relief during cyber attacks. The constant evolution of cyber threats requires continuous awareness and preparedness. Thank you, Jonathan Singer, for sharing your expertise on cyber liability insurance and the evolving cyber threat landscape. As businesses navigate the digital realm, it is essential to prioritize cybersecurity and consider the benefits of protection through cyber liability insurance.  

Ever wondered how to navigate the world of risk management and business insurance? Listen in as we explore the inspirational journey of José Suárez, roundtable leader at the Cleaning Prophets Event, from his beginnings to becoming a risk management consultant. Discover how José embraces his Latino identity and how it shaped his entrepreneurial journey. Listen to his current ventures and his passion for helping the Latinx community. Get a crash course on risk management in the business world as José explains its significance. Hear him break down the three components of risk management, and the typical errors business owners make. Plus, he'll address common misconceptions about insurance. Additionally, José provides an in-depth discussion on captive insurance, its growing popularity, and the risks and qualifications involved. He also shares the benefits of having cyber liability insurance and employee practices liability insurance to protect businesses from fraudulent activities and lawsuits.Finally, hear José's passion for the cleaning industry, his love for Mexican music, and his experience as a DJ and music promoter. Learn how José helps business owners protect their money and personal assets from corporate liability, and how the savings from insurance costs can be utilized to provide employee health benefits!In this Profitable Cleaner Podcast, you will learn:The fundamentals of risk management and common mistakes entrepreneurs make in managing risk.The importance of understanding different types of business insurance such as captive insurance, cyber liability insurance, and employee practices liability insurance.How business owners can protect their personal assets from corporate liability and use savings from insurance costs for employee benefits.The importance of embracing one's identity and cultural background.We highly recommend you connect with Jose Suarez and check out Alera Group:  Connect with Jose Suarez on LinkedIn HereCheck out Alera Group Here Are you looking to accelerate your professional network and cleaning business? Register for our second event: The Cleaning Prophet$ 2.0 - The Statement. If you're looking for true transformation, both personally and professionally, and you're ready to make a STATEMENT about who you are and could become, this is the event for you.  Register here for The Cleaning Prophets 2.0 - The StatementIf you're in commercial cleaning and want to increase your sales, become part of our community today and get the best cleaning sales content and data in the industry. Join Our Private Profitable Cleaner FB GroupFind the appropriate tools, services, and resources for your Facility Maintenance Company by exploring our sponsor companies.Usource.com Dayporter.com Cleaningprophets.comAlexmelgar.com If you enjoyed this podcast, you can help us out immensely by sharing it with a colleague and giving us a rating. We appreciate you!

In this episode, we meet with Andy Anderson, Co-Founder & CEO of Datastream Cyber Insurance, an insurance firm focused only on Cyber Liability insurance with a unique twist. And that unique twist is that they work directly with MSP's like FPA to help their clients ensure they're protected technically as well as financially. Listen and learn more about what's going on in the insurance world when it comes to cyber and how best to protect your business from being hacked. -------- Guest: Andy Anderson | www.DataStreamInsurance.com Host: Craig Pollack | www.FPAinc.com ------ This is a Mr. Thrive Media production | email: Chaz@MrThrive.com | Facebook, Instagram, and Twitter

Podcast: Nexus: A Claroty Podcast (LS 28 · TOP 10% what is this?)Episode: Dave Elfering on Cyber Liability InsurancePub date: 2023-04-10Dave Elfering, senior vice president at Marsh, a global insurance broker and risk management company, joins the Nexus podcast to discuss the current state of cyber insurance. A longtime figure in information security, Elfering explains the current volatility around coverage, premiums, and exclusions. He goes deep into what can sometimes be contentious discussions about qualifications and controls that must be implemented in order to be eligible for coverage, in addition to policy exclusions. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Dave Elfering, senior vice president at Marsh, a global insurance broker and risk management company, joins the Nexus podcast to discuss the current state of cyber insurance. A longtime figure in information security, Elfering explains the current volatility around coverage, premiums, and exclusions. He goes deep into what can sometimes be contentious discussions about qualifications and controls that must be implemented in order to be eligible for coverage, in addition to policy exclusions. 

“Because people don't fully understand technology, hackers and criminals find this as an opportunity to attack and get an edge. This is why cybersecurity is so important.”Shea McNamara, the Co-Founder and Head of Sales at Limit, focuses on melding technology and risk management for people and businesses around the world so they can achieve their aspirations. Due to the increasing amounts of cyber attacks happening in businesses, Shea shares why it's important to invest in Cyber Insurance to counteract these pitfalls. Listen in as Shea explains what Cyber Insurance is and why every business should take time to obtain it to stay safe and secure.What You'll Learn in this episode:The reason why we are seeing an increase in Cyberattacks, how to fix that, and what can happen when you don't have Cyber InsuranceWhy smaller companies are hot spots for cyber attacks and how cyber insurance can keep your brand reputableWhy you should enable MFA in any program that you're usingThings to listen for:[00:01 - 00:54] Introduction[02:10 - 03:42] What is a brokerage system[07:35 - 12:59] The in's and out's of Cyber Insurance[13:34 - 14:42] The difference between Cyber Insurance and Cyber Liability Insurance[15:01 - 18:08] Who is Cyber Insurance for and why is it important?[18:31 - 21:10] How Cyber Insurance has evolved over the years[21:20 - 24:33] Shea's predictions for the future[25:08 - 27:25] Why Trava and Limit's partnership is beneficial for customers on both sides[27:43 - 28:17] Closing thoughts from Shea[28:38 - 31:19] Jara's receiptsConnect with the Guest:Linkedin - https://www.linkedin.com/in/sheamcnamara/Limit's Website - http://www.limit.comConnect with the Host:Jara Rowe's LinkedIn - https://www.linkedin.com/in/jararowe/Connect with Trava:Website - https://www.travasecurity.com/LinkedIn - https://www.linkedin.com/company/travasecurity/Instagram - https://www.instagram.com/travasecurity/Twitter - https://twitter.com/travasecurityFacebook - https://www.facebook.com/travaHQYouTube - https://www.youtube.com/@travasecurityBlog - https://www.travasecurity.com/blog

As the incidence and severity of cybercrime continues to rise we are seeing a hardening of the cyber liability insurance market.  This means it is getting more difficult and costly for dealers to secure cyber liability insurance.  In this podcast we explain why this is happening and what dealers can do to better protect their dealership from a cyberattack while also securing the best policies at the most reasonable rates.

Greg Edwards, CEO at Canauri ransomware protection formerly known as CryptoStopper discusses how to take a layered security approach, why you need cyber liability insurance, and some of the myths about ransomware that still exist today.

Mike Polce, founder & CEO of M.A. Polce is joined by Brian Millar, head of Cybersecurity for M.A. Polce, along with special guest Will Brooks from FifthWall Solutions to discuss the evolving landscape of Cyber Liability Insurance, why businesses need it, and what they have to do to obtain it. Music Attribution: Audio File URL: http://pixabay.com/music/corporate-abstract-technology-112288/

Welcome to Talking Cyber, a Cybercrime Magazine podcast series that covers the latest news and breaking stories on the cybereconomy, hackers, intrusions, privacy, security and much more. In this episode, host Hillarie McClure is joined by Heather Engel, Managing Partner at Strategic Cyber Partners, to discuss Lloyd's of London's decision to exclude catastrophic state-backed hacks from stand-alone cyber insurance policies, as well as the over 80 health systems hit by cybersecurity attacks in August, and more. To learn more about these stories, visit https://cybercrimewire.com • For more on cybersecurity, visit us at https://cybersecurityventures.com

We all hear things in the news about cybercrimes and the devastating effects that they have on companies, employees, and customers.  Cyber liability insurance can help – but do you really know what it does?  What is covered under cyber insurance?  What isn't?  What happens if you face regulator penalties?  Does cyber liability insurance help with that?  In this episode of Accountable, Dave answers these burning questions about cyber liability insurance and much, much more!Do you live in a non-NASBA state?  If so, you may be able to get CPE for this podcast!https://www.petersprofessionaleducation.com/courses/ACC03-cyber-liability-insuranceLooking for high-quality CPE?  See Dave's diverse catalog of courses at Peters Professional Education:  https://www.petersprofessionaleducation.com/Visit us at:  https://www.davidpetersfinancial.com/

08-17-2022 Mark Wiener Learn more about the interview and get additional links here: https://www.thetimesusa.com/you-must-comply-with-your-cyber-liability-insurance/ Subscribe to the best of our content here: https://priceofbusiness.substack.com/ Subscribe to our YouTube channel here: https://www.youtube.com/channel/UCywgbHv7dpiBG2Qswr_ceEQ

Jeffery Daigrepont interviews Dan Stewart, the president of Jackson Health Tech Advisors, one of our partners providing cybersecurity advisory services. Dan has been in the healthcare information technology and services industry for more than 30 years, with the last ten years focused on cybersecurity risk management and mitigation services. That includes a Cyber Liability Insurance Services program we will discuss today.   Podcast Information  Follow our feed in Apple Podcasts, Google Podcasts, Spotify, Audible, or your preferred podcast provider. Like what you hear? Leave a review! We welcome all feedback from our listeners. Email us questions on any of the topics we discuss or questions about issues that interest you. You can also provide recommendations on matters for future episodes.  Please email us: feedback@cokergroup.com Connect with us on LinkedIn: Coker Group Company Page Follow us on Twitter: @cokergroup Follow us on Instagram: @cokergroup Follow us on Facebook: @cokerconsulting   Episode Synopsis  The last two years have seen a new era of cyber-attacks with increased hacker sophistication, a propensity to pay in ransomware cases, and a geopolitical environment that has upended the cyber insurance market in general, particularly in healthcare. In 2020, healthcare-related cyber-attacks increased by more than 55%, of which ransomware attacks comprised 28% of the total. According to Cybersecurity Ventures, in 2021, the US healthcare system lost $21 billion caused by ransomware attacks alone. Covid-19 further exposed the weaknesses in healthcare cybersecurity systems as the industry was forced to institute or expand telehealth services and remote working functions rapidly. These factors caused significant losses for the insurance carriers that were providing cyber insurance resulting in several major market changes that are affecting healthcare providers.   Extras Key Elements of a Cyber Liability Insurance Policy for Healthcare Providers Cybersecurity Tips Episode 57: HCIT: Security Risk Assessment Episode 103: What is a Security Risk Analysis, and Why Do I Need One? Contact Jeffery Daigrepont

Welcome to Episode 34 of Uncaptive Agent. This episode is special because instead of having an independent agent or broker on with me to present you with cutting edge information, I'm joined by Brian Fritton, the CEO of Havoc Shield. Havoc Shield specializes in cybersecurity. And not just that – they assist businesses in regulated industries such as finance, healthcare, and insurance, ensuring that their data is protected. So, why is this important to you as an agent? Because of the increase of cybersecurity incidents overall and the fact that you'll be selling more cybersecurity policies.Brian is also a serial (and successful!) entrepreneur with venture capital experience, so he has a lot of great advice that he brings to our conversation.So what are some of the highlights you'll get from listening to our conversation?Tips on how you can minimize the risk of your agency becoming a victim of cyber crimeThought points on whether you create liability for yourself if you don't protect the data of others, such as third-party vendor data (remember the Target hack? We talk about it!)Funding ideas for small businesses Getting organized so that you can sustain growth as time progresses A crowdfunding experience Brian had in one of his business models and how it worked outDon't miss this great conversation and learn how you can get into contact with Brian or his business, Havoc Shield.

There's no denying that cybersecurity risks in the workplace have increased exponentially in recent years. From the pandemic causing employees to work from home to Russia's invasion of Ukraine, organizations are more vulnerable than ever. That's why it's crucial to understand how to best protect yourself and your business. On this episode, Eric Jesse, Partner at Lowenstein Sandler LLP, joins the show to give an attorney's perspective on the importance of cyber liability insurance. Eric talks about protecting your company as a policyholder in today's new landscape. Join us as we discuss: Why companies should have their cyber liability insurance policies reviewed by knowledgeable attorneys Strategies for improving your security posture to reduce premiums How best to ensure your Cyber Liability insurance dovetails with other insurance policies to confirm you are covered across all types of cyber incidents  To hear this episode, and many more like it, you can subscribe to The Virtual CISO Podcast here. If you don't use Apple Podcasts, you can find all our episodes here. Listening on a desktop & can't see the links? Just search for The Virtual CISO Podcast in your favorite podcast player.

To self-insure or not to self-insure, that is the question. Well, not entirely, but today we explore the state of the cyber liability insurance industry.

In this episode, the focus is on the rising importance of cybersecurity in Architecture, Engineering, and Construction (AEC) businesses. Topics include the role of cyber insurance, the need for multi-factor authentication, and the potential risks of outdated hardware/software. The discussion also covers ransomware, the cost of cybersecurity, and the crucial role of IT companies in protecting AEC businesses. The episode concludes with a special offer for a one-hour cybersecurity assessment.

Gone are the days when businesses can be without computers and the internet.Things were definitely so much simpler back in the day!Sure, we all use tools and technology. What's an engineering or construction business without the lifts and the cranes, the mixers and the excavators? And what's an architectural design firm without CAD, T-squares, drafting tech pens and compasses.However, you used to be able to run a business without heavily investing in so many computers and softwares and internet connectivity.But as computers evolved, as the online space grew, and as the internet became more accessible, markets changed!And so, businesses also had to change.The internet revolution has definitely made so many significant positive changes in the business world, but it also gave rise to new threats.Unfortunately, many businesses remain (deliberately or unintentionally) ignorant about looming threats within the online spaces that they now occupy.That's why we've made it our mission to deliver you a simplified version of:Things You NEED to KNOW About the Online Space and how you can better protect your business so you can keep on scaling!What is CyberSec? What is Ransomware as a Service? How are cyber threats toppling even the powerhouses in the AEC industry?At the end of the day, you need to understand that your business can easily be caught in the crossfire in an “invisible war”.Learning more about the online space and investing in CyberSec has become non-negotiable and is key for business continuity and future success!Discover how to future-proof your business today!Tune in to learn about the Hottest Insider News | Tips | Tricks | Hacks, and everything you need to know on Architecture, Engineering, Construction and Technology!Connect with the Justin & Will:Website: https://spotmigration.com/LinkedIn: https://www.linkedin.com/company/spot-migrationFacebook: https://www.facebook.com/spotmigrationYoutube: http://www.youtube.com/c/SpotmigrationWill's LinkedIn: https://www.linkedin.com/in/willforet/Justin's LinkedIn: https://www.linkedin.com/in/justneagle/Tune in to learn about the Hottest Insider News | Tips | Tricks | Hacks, and everything you need to know on Architecture, Engineering, Construction and Technology!

Have you ever wondered what Cyber liability insurance is, what its purpose is and what the process looks like to obtain it? Judy is here to shed some light on the underwriting experience and the shifts over the past decades in the insurance space.Judy is an invited speaker at prominent industry conferences on privacy, cyber, and related insurance issues, and is frequently featured in various publications, including the Wall Street Journal, Fortune, Forbes, and Reuters. She has also authored three eBooks: A Closer Look at Cyber Insurance, Demystifying Cyber Insurance, and Big Data for Business Leaders. She's completed advanced courses at the Massachusetts Institute of Technology (MIT) and Harvard Business School in the areas of big data, crisis management/business continuity, and more.__________________________GuestJudy SelbyOn Linkedin | https://www.linkedin.com/in/judyselby__________________________HostsJaclyn (Jax) ScottOn ITSPmagazine  

The “What's Going on with Cyber Liability Insurance?” episode of the Powered Services Podcast was such a hit, we had to bring in another expert in the space to discuss what MSPs should expect and prepare for when it comes to cyber liability insurance in 2022! Join hosts Dan Tomaszewski and Will Bishop as they have a real and insightful conversation with Andy Anderson, CEO, and Co-Founder of DataStream Insurance, about the realities of cyber liability insurance right now and how MSPs can move forward.

Special guest Greg Durnan from Acacia Information Technologies LLC shares some successful strategies that bring in new business for his MSP.

October is Cyber Awareness Month and the topic has never been more important for small business owners to understand. In fact, in the wake of COVID-19, cyber-crime has risen exponentially. Hackers are preying on our increasing need for digital communication. Andy Runyan and Phillip Greer from Block Insurance join the show again to share stories about everyday business owners who have been impacted by cyber crime. They'll also explore with Carrie what cyber policies cover in case you're looking for a way to protect yourself and your business. If you have any questions, reach out to Block Insurance online at https://www.blockinsurance.com/ or call 870-236-8744. Important Links: Quraishi Law Firm: https://quraishilaw.com/ Wealth Protection Toolkit: https://go.quraishilaw.com/toolkit-new Smart, Simple Wealth Book: https://go.quraishilaw.com/freebook Defuse: 7 Steps to Protecting your 401k from the Ticking Tax Time Bomb: https://bit.ly/3fXcEhT

In Part 2 of this 2-Part Podcast, Host Dorothy Cociu continues her discussions with Ted Mayeshiba and Ted Flittner, Principals of Aditi Group, an IT Security/HIPAA Security/Cybersecurity firm, and Bruce Benton, a life and health and P&C agent, and Vice President, Public Affairs of the California Association of Health Underwriters on how to be better protected against Cyber Attacks. We discuss how to stay safe while traveling, working from home risks, potential new cybersecurity regulations, the importance of proper training, and we look at Cyber Liability Insurance and why it's so important today.

Episode 25:  Cyber security and cyber theft are real issues for small business owners.  There are now cyber liability insurance policies available to cover you, should you fall victim.  In this episode, I interview Beth Combs and David Goheen from Gallagher, a large insurance company providing multi-line insurance, risk management and consulting services. Thank you for taking the time to listen to this episode.  From more information on business-related issues, visit my website at www.JimRayConsultingServices.com. Got Podcast? Finally, if you're interested in developing and launching a podcast for your business or organization, I'd be happy to help.  I provide this service on a regional basis.  Visit my podcast production services page for more information. Until next time, remember, if you need help with your small business, Let's Grow For It!

In Part 2 of this 2-Part Podcast, CAHU V.P of Communications Dorothy Cociu continues her discussions with Ted Mayeshiba and Ted Flittner, Principals of Aditi Group, an IT Security/HIPAA Security/Cybersecurity firm, and Bruce Benton, a life and health and P&C agent, and Vice President, Public Affairs of the California Association of Health Underwriters on how to be better protected against Cyber Attacks. We discuss how to stay safe while traveling, working from home risks, potential new cybersecurity regulations, the importance of proper training, and we look at Cyber Liability Insurance and why it's so important today.

OBLIC has new #cybersecurity requirements for Cyber Liability Insurance and most #lawfirms are NOT ready to "Check Yes"  to them.Last week we gave you an overview of the requirements and today we deep dive into them so you're not denied coverage.This weekDetermining the number of electronic records with PII, PHI and moreStoring and controlling Biometric employee or client data and what that could be.How to know what Cloud Provider has your PII, PHI, Financial client or employee data.#nolawfirmleftbehind #legaltech #lawyers #technology #cybersecurity #lawfirmCatch all our Shows and Podcast at:https://www.splice.net/nolawfirmleftbehindhttps://linktr.ee/splicenet

Welcome to the brand-new Powered Services Podcast! Our commitment to you, the MSP, is to have meaningful and insightful conversations that give you all the strategies and advice you need to supercharge your MSP.In this inaugural episode, Dan Tomaszewski hosts a round table discussion with MSPs just like you to ask Kristen Bay of Cysurance the cyber liability questions we're all wondering, and even a few brilliant ones we hadn't thought of yet. This episode's special guests are:Will Bishop, Sr. Director of Channel, KaseyaMichael Arnold, Owner / Sr. Cybersecurity Engineer, ITNS ConsultingMatt Disher, President, Southwest Networks Kirsten Bay, CEO, Cysurance

Host Jeremy C. Park talks with D. Gray Holden, Managing Director and Management Liability Practice Leader with Higginbotham, who discusses what cyber liability insurance is and why it is needed now more than ever to protect your organization. During the interview, Gray talks about the trends with ransomware and social engineering, what to do if a claim or loss happens, examples of recent claims, and recommendations to help put your organization in the best position to be protected.Visit www.higginbotham.net or email gholden@higginbotham.net to learn more.

Host Jeremy C. Park talks with D. Gray Holden, Managing Director and Management Liability Practice Leader with Higginbotham, who discusses what cyber liability insurance is and why it is needed now more than ever to protect your organization. During the interview, Gray talks about the trends with ransomware and social engineering, what to do if a claim or loss happens, examples of recent claims, and recommendations to help put your organization in the best position to be protected.Visit www.higginbotham.net or email gholden@higginbotham.net to learn more.

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 371. It is Wednesday June 2nd 2021. I am your host Scott Gombar and Is Cyber Liability Insurance Causing an Uptick in Ransomware Attacks? US seizes domains used by APT29 in recent USAID phishing attacks US: Russian threat actors likely behind JBS ransomware attack Critical WordPress plugin zero-day under active exploitation Windows 10's package manager flooded with duplicate, malformed apps Cyber-Insurance Fuels Ransomware Payment Surge

The program includes how to fill out the insurance application, who's covered at your firm, how much coverage you need, how high risk your practice area is for suits, and how to address cyber threats to your client and employee data.  (March 8, 2021)      Questions? Inquiries about program materials? Contact Alan I. Johnson at ajohnson@bostonbar.org

Former Cisco CEO John Chambers once said, “There are two types of companies: those that have been hacked, and those who don’t yet know they have been hacked.” Cyber attacks hit businesses every day. In episode 144 of the Aviation Business Podcast let's talk about Cyber Liability Insurance and how you can use it to protect your digital assets.

Ariento Partner Chris Rose discusses the state of the cyber liability insurance market and what business owners and executives need to know with Nick Pottebaum, Vice President of Tokio Marine HCC's Cyber & Professional Lines division. --- Send in a voice message: https://anchor.fm/uponcyber/message

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 223.  It is Friday October 9th 2020.  I am your host Scott Gombar and Updates, Vulnerabilities, Credential Stuffing and Ransomware...oh my This podcast is brought to you by Nwaj Tech, a Client Focused and Security Minded IT Consultant based in Central Connecticut.  You can visit us at nwajtech.com  Cyber Security Awareness Tip 9 Cyber Liability Insurance is a Must  Cisco Releases Security Updates Adobe Creative Cloud down: Users report login, data access issues Microsoft Azure Flaws Open Admin Servers to Takeover Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks Gmail users: Expect to see these new security alerts, says Google Sam's Club customer accounts hacked in credential stuffing attacks Massachusetts school district shut down by ransomware attack Former Mayo Clinic Employee Accessed Medical Records of 1,600 Patients Without Authorization OCR Imposes $160,000 Penalty on Healthcare Provider for HIPAA Right of Access Failure

Cyber Sentinel Guest Ralph Pasquariello - Cyber Liability Insurance Specialist / Snellings Walters Get the latest security tips: http://bit.ly/2Z5cait Got Cyber Questions? Connect with ASC Group at http://bit.ly/2Zh51qW for all your cybersecurity inquiries and needs. Let me know your opinions in the comments below. If you enjoyed the video, please hit the like, share and subscribe button ➡️ https://www.youtube.com/channel/UC-oU... Subscribe for more videos. ➡️ https://www.youtube.com/channel/UC-oU... Website: http://bit.ly/2Zh51qW LinkedIn Business: http://bit.ly/2ZrXBBr LinkedIn Personal: http://bit.ly/2ZnyW0S Facebook Business: http://bit.ly/2Zh5OYW Twitter Business: http://bit.ly/2ZiCeSU About Cyber Sentinel Cyber Sentinel is a web series by Alan Adcock, founder and CEO of Automated Solutions Consulting Group in Atlanta, GA that tackles various topics in the security industry. On Cyber Sentinel we tackle data breaches, biggest security threats and strategic tech tips to get you up to date with the best security practices for your corporation and business. #CyberSentinel #ASCGroup #CyberLiabilityInsurance

Cybercrime Magazine CISO Minute host Theresa Payton, Former White House CIO talks about a question she is asked all the time by CIOs and CISOs – How much cyber liability insurance is enough – and how do I know if we have the right coverage? The CISO Minute is sponsored by https://www.knowbe4.com/ For more on cybersecurity, visit us at https://cybersecurityventures.com/

Cybercrime Magazine CISO Minute host Theresa Payton, Former White House CIO talks about a question she gets asked all the time by CIOs and CISOs – How much cyber liability insurance is enough – and how do I know if we have the right coverage? The CISO Minute is sponsored by https://www.knowbe4.com/ For more on cybersecurity, visit us at https://cybersecurityventures.com/

Episode 46 – Cyber Liability Insurance – What You Need to KnowBrian Risen is President and CEO of AmeriTrust Insurance, an ASA Sponsored Benefit Provider. The COVID-19 crisis continues to challenge the automotive repair industry, even as we start opening back up. Every small business owner knows the importance of both liability and workman’s compensation insurance, but how familiar are you with the cybersecurity issue? The threat is real and the exposure may be higher than you think. Hear all about it as Brian shares his views on what repair shops should be doing to prepare for this growing threat to their business and what you can do to protect yourself, your employees and your business. In this episode, Brian discusses: · What AmeriTrust Insurance has been doing to support ASA members during the pandemic shutdown.· How the current crisis is changing the way collision and mechanical shops are doing business.· The business risks of living in a digital world.· Why cybersecurity will continue to be a growing issue for ASA members.· How cyberattacks are becoming more frequent and common.· Where cyberattacks are coming from and who are the bad actors.· The threat level is higher than you think.· What the risks are to your business.· What you can do to limit your exposure.· What is cyber liability insurance and what you need to know.

In the episode we discuss Cyber Liability Insurance. As the owner of Tech Rug, Justin Reinmuth is the top expert in insurance for IT business owners. We discuss cyber liability for MSPs and liability insurance for small business clients. Justin answers the top questions he receives each week and shares some up-to-the-minute changes on how carriers are handling cyber liability claims.

Listen as Tampa Home Talk Host: Katrina Madewell interviews our Show Sponsor Aaron Davis with Hillsborough Title.  Join as our Show Sponsor Adam Talley with Talley Insurance - Will do 2-minute tip on Cyber Liability Insurance for commercial clients Discussion Topics: In the year 2017 The FBI has stated over, $969 million have been stolen from buyers via escrow scams — something cyber crime professionals say will continue to grow in popularity Buyer wire hacks "How to prevent" Phishing emails and what are they! What is E&O Insurance:         Best practices for prevention: New technology to avoid cyber crime in a Real Estate transaction.          

Today’s question: Today’s question comes from Britton. We are building an e-commerce platform and want to make sure we cover our insurance needs before we launch. What is your recommendation? Jake’s answer: Insurance isn’t an exciting topic, but it’s an important one. Let’s talk about the different types of insurance you may need to have for your startup. As you start getting customers, this is something you’ll want to look into. Types of Insurance Errors and Omissions Insurance. This protects you from lawsuits covering negligence and is the baseline for most businesses. Cost for this type of insurance will vary and somewhat depends on how expensive the goods or services are that you’re selling. You’ll want to have between $500k-$2M in coverage. Cyber Liability Insurance. This covers everything digital that errors and omissions insurance doesn’t cover. Things such as cyber attacks are covered under this type of insurance and can cover data loss and business lost due to being hacked. Directors and Officers Insurance. This protects your business when claims are made against your management team. Things such as breach of duty are covered here and most of the time these types of claims come from investors. This also covers unfair business practices and more. Employment Practices Liability Insurance. If you are ever sued for employee related issues, this would cover you. Any HR related issue is covered under this policy. General Liability and Property Insurance. This covers damages to offices and equipment, slips and falls, etc. It encompasses a lot of random issues, but generally it covers everything not covered by other insurance types. What Insurance Should a Startup Have? If I was just getting started with my idea or had a handful of customers then I wouldn’t worry about any of this stuff. This is especially true for an ecommerce business. If you don’t have the money to cover them, then you probably don’t need them. Some of them are must haves no matter what though, including errors and omissions and general liability. If you have any employees then you need the employment practices and liability insurance. If you hire an accountant and a lawyer right away then they will be able to answer these questions specific to your business. Ask Your Own Question Got questions about startups and/or startup culture? We’ve got answers. Head over to LaunchChat.io and record your own question to have it featured on the show. Stay in Touch Ask your own question Follow Jake Twitter Check out Jake’s articles Medium Jake’s personal site Check out Launchpeer Follow Launchpeer on Twitter

This week on the The Get Automated Podcast we take a look at Pipedrive and how an it is helping make sales easy. Episode 26 Kelsey Bratcher is joined by Darek Chojnacki, who is an Insurance Broker and small business advocate. Darek owns Green Tree Insurance, LLC and leverages automation to secure policies for his clients. The power of automation also allows Darek to run a second business (both as a solopreneur) Business Runway, where he helps small business owners set up the core technical components to then be able to leverage things such as automation. Darek and Kelsey cover several topics including; manage a sales team, the future of sales, Facebook ads tips, and custom document generation. Also, learn about how you can protect your business with a new type of liability insurance, “Cyber-Liability Insurance”. All this and more this week. Download and listen now.

In a program recorded live at the regular Red Hook Rotary meeting, insurance agents and Rotarians Carl and Bill Dowden discuss the Affordable Care Act (or ACA, sometimes called “Obamacare”), Cyber-Liability Insurance, and Long-Term Care Insurance. They explain how ACA relies on individual insurance companies instead of having a government-run single-payer plan, such as Medicare. While the ACA requires that insurers provide consumer protections and some benefits, its primary goal is to insure the currently uninsured, so people with satisfactory insurance now do not need to register. Cyber-Liability Insurance primarily protects companies and nonprofits from data breaches if their computer system is hacked or a device with private information is lost or stolen. The Dowden brothers also explain the differences between long-term care insurance and long-term disability insurance as well as the differences between homeowner’s insurance and flood insurance. --- Support this podcast: https://anchor.fm/radiorotary/support

Most business and professional liability insurance policies do not include cyber liability for a data breach. Steve and Femi talk with special guest Tyler Delaney, CIC, of First West Insurance to discuss why small businesses need cyber insurance to cover liability of data loss/destruction, computer fraud, funds transfer loss, cyber extortion and personal information exposed by hackers or other criminals.

This episode, in conjunction with the Security Advisor Alliance ( https://www.securityadvisoralliance.org/ ) we dive into a third round of Cyber Liability Insurance. This fascinating discussion dives deeper into the things security leaders need to know as Travis and Stephen get right to the heart of matters. Required pre-listening... Check out the first episode (way back in the archives) on DtSR Episode 34 - The Inside Scoop on Cyber Liability Insurance ( http://podcast.wh1t3rabbit.net/episode-34-the-inside-scoop-on-cyber-liability-insurance ) with Christine Marciano ( @DataPrivacyRisk ). Then, go grab episode 172, our 2nd foray into this topic titled "The Truth on Cyber Insurance" ( http://podcast.wh1t3rabbit.net/dtsr-episode-172-the-truth-on-cyber-insurance ) with Eran Kahana and L. Keith Burkhardt and dive a little deeper.   As always, thoughts and comments are more than welcome and discussion using the hashtag #DtSR is encouraged!

Richard Edwards with Integrated Risk Solutions discuses the importance of cyber liability insurance and how your business could be at risk.

Michael Rogers of the Small Business Association of Michigan talks about protecting your small business from the impact of accidental customer data loss. His guest is liability insurance expert Taras Shalay at Burns and Wilcox in Farmington Hills.

First ...a milestone. I want to take this time to formally welcome Mr. James Jardine, of SecureIdeas, as my permanent co-host to the podcast. James has experience podcasting as he already co-pilots the Professionally Evil Podcast, and he's witty, knowledgeable, and awesome to work with on the microphone. I ask that you all give James a warm welcome! In this episode... Overview of what cyber liability insurance is and what it isn't We ask "Why would we need a security program, when you can just buy insurance?" How do [cyber] under-writers figure out how to insure you, and how much of a liability your organization and its practices is? The types of costs and coverages available in some of the different policies at the various carriers We pull on the 'reputation' thread ... again We try to divine the magic formula used to calculate how to calculate a 'liability' or coverage requirement We try and figure out how an enterprise can drive down their cyber liability insurance premiums Christine touches on mobility, encryption, and some interesting tidbits for the modern enterprise Guest Christine Marciano ( @DataPrivacyRisk ) - Christine Marciano is President of Cyber Data Risk Managers, an Independent Insurance Agency specializing in Cyber Risk/Data Breach insurance, Directors & Officers insurance and (IP) Intellectual Property protection. Christine has over 17 years of experience working in various roles within the Insurance and Financial Services industry. Prior to establishing Cyber Data Risk Managers, Christine has held positions at CIBC Oppenheimer, Axa Advisors and Allstate Insurance Company. Links Christine's Blog - http://databreachinsurancequote.com/blog/ My 2013 Data Privacy, InfoSec & Cyber Insurance Trends report - http://databreachinsurancequote.com/wp-content/uploads/2013/02/2013-Data-Privacy-Information-Security-and-Cyber-Insurance-Trends-Report.pdf Christine's free weekly newsletter signup page - http://databreachinsurancequote.com/subscribe-data-breach-weekly-newsletter/