Risk Management

Cyber Insurance's Real Dilemma

Since the start of the pandemic, the cyber insurance industry has been facing its biggest challenge to date. A ransomware crime spree is demonstrating the speed and scale of cyber risk and how this type of risk is unlike any other insurable risk. The number of ransomware attacks increased by 150%. Total ransoms paid are up 311%. The dramatic rise in frequency and severity resulted in a record high loss ratio of 67% for insurance carriers.

A Cybersecurity Risk Checklist for Law Firms

The growing wave of cybercrime targets businesses in every industry, and law firms are no exception. With many unique cybersecurity risks, law firms are more onerous to secure than other organizations. In addition to having to fend off threats from cybercriminals, they must also overcome the threat posed by hacktivists and nation-states. Law firms are especially attractive to bad actors because attorneys need access to highly sensitive data to provide legal services.

The Rise of Cyber Threats in the Automotive Industry

The second a system is connected to a network, it becomes vulnerable to a cyber attack. We’ve seen news of companies experiencing cyber attacks across different industries more often than we can count. But now that the automotive industry has joined the digital bandwagon, cybersecurity threats and attacks are also becoming an issue.

What is Cyber Risk Quantification (CRQ)?

The threat landscape is expanding and security professionals are barely keeping up. On a daily basis, CISOs and cybersecurity staff need to contend with new malware variants, data breach attempts, ransomware attacks, zero-day exploits - all while ensuring uninterrupted dedication to vendor risk mitigation efforts. With so many cyber threats testing your cyber resilience at once, where should you focus your cybersecurity efforts?

Exploring influences on SSC grades for insurance companies

This blog was written by an independent guest blogger. There are more online stores and services available than ever, and you are able to shop for almost anything online whether it's groceries or insurance. There are many ways to protect yourself while browsing the internet, and one of those ways is to choose reputable businesses with strong security. Although there are standards for online businesses to follow, some have better safety measures in place than others.

The THIP Model: Embedding Emotional Intelligence in Third-Party Risk Management

Third-party risk management (TPRM) has grown in prominence as organizations increase their reliance on external parties, from cloud providers to credit card processors. As more enterprises invest in this critical business function, certain best practices are becoming key to a successful TPRM program.

The Supply Chain Needs Better Cybersecurity and Risk Management

The supply chain is under a historic amount of pressure, but the strain on its cybersecurity and risk management may be in even worse condition. As 2021 draws to a close, the global supply chain is in a state comparable to rush-hour traffic in bad weather. Everything seems to be backed up whether due to supply and demand issues, wait times at shipping ports, or any number of other delays.

What Are BlackMatter Ransomware Attacks?

Following the 2021 cyberattack on Colonial Pipeline that caused a nationwide supply-chain disruption, numerous cybersecurity companies and federal agencies increased their efforts to find and shut down ransomware groups and curb the rise of cyberattacks. Those efforts have resulted in the shutdown of ransomware-as-a-Service (RaaS) groups such as DarkSide and REvil, which had been targeting critical infrastructure including healthcare providers of financial systems.

Enterprise Risk Management for Cloud Computing

Businesses have always had to manage risk – everything from operational, financial, or strategic risks; to other risks that are reputational, regulatory, or cybersecurity-related. So how does enterprise risk management (ERM) work today, when so many businesses are moving so much of their operations into the cloud? How can CISOs and other senior executives take traditional ERM principles and apply them to the cloud-based technology that underpins so much of the modern enterprise?