Australian Cyber Security: A Primer

A Q&A with Leah Mooney of MinterEllison
The cyber security field is rapidly evolving in Australia where new legislation, growing costs and an increased awareness of threats and liability have spurred discussion and concern. I spoke with Attorney Leah Mooney, special counsel in the Insurance and Corporate Risk Group of MinterEllison, about the state of affairs in Australia and what businesses operating there might need to know about looming risks and how to mitigate them.

Third-Party Vendor Risk in Healthcare

A Q&A with Ozzie Fonseca of Experian
Last year’s data breach at Medical Management, LLC highlights the importance of third-party vendor oversight in the healthcare space. In this specific case, a call center agent at a billing company was copying information and sharing it with an unauthorized third party, leading to the exposure of thousands of patients’ records from 40 providers. We spoke to Ozzie Fonseca of Experian Data Breach Resolution about its implications for healthcare organizations.

Bad Connections: Hidden Risks in the Internet of Things

A Q&A with Larry Pesce of InGuardians
While the Internet of Things is making life more convenient, it’s also posing numerous security risks for both individuals and organizations. To find out more about why companies should keep an eye on these devices and how they can better mitigate risk, I spoke with Larry Pesce of InGuardians.

EMV and Payment Security: What’s Next

A Q&A with Dan Fritsche of Coalfire
The introduction of EMV chip cards and newer PCI Security standards go a long way toward reducing data breach incidents and payment card-related fraud. Yet many retailers still have not adopted the technology and EMV in and of itself is not a wholesale solution for data loss. I spoke with Dan Fritsche, Vice President of Solution Architecture at Coalfire, about ongoing payment card concerns for retailers and what they can do to make their systems more secure.

Using Big Data to Protect Against Cyber Risk

A Q&A with Lance Forbes of LemonFish Technologies
Of all Big Data’s capabilities, the means to proactively detect cyber breach events is especially intriguing. I spoke with Lance Forbes, chief scientist of LemonFish Technologies, to find out more about how analytics can be used to find lost data across the internet.

Medical Device Hacks: When Cyber Risk Becomes Deadly

A Q&A with Benjamin Caudill of Rhino Security Labs
With every advance in the Internet of Things comes more risks, and nowhere is this more true than in the field of medical devices, which, if seized by the wrong hands, have the potential to do bodily harm. I spoke with Benjamin Caudill, founder and CEO of Rhino Security Labs, about the exposures created by embedded systems in medical devices and what risk managers, corporate leaders and the general public might need to know.

Data Breach Costs: Another Look

A Q&A with Sasha Romanosky, PhD, of the RAND Corporation

In a recent study, RAND Corporation policy researcher Sasha Romanosky examined 12,000 data breaches from 2004 to 2015, trying to get a more holistic view of their causes, costs, and associated risks and trends. I spoke with Dr. Romanosky about his findings.

Closing the Gaps: Healthcare Organizations, Third Parties and Data Security Risk

A Q&A with Antony Kim and John Wolfe of Orrick, Herrington and Sutcliffe
The recent HIPAA breach at St. Elizabeth’s Medical Center in Brighton, MA, brought some key issues to light. With the continual outsourcing of healthcare sector computing for ePHI data to external third-party clouds, it’s becoming increasingly vital that the covered entity (CE) and/or business associate (BA) has a good handle on their cloud provider’s actual operational and data security practices. I talked to Antony Kim and John Wolfe of Orrick, Herrington and Sutcliffe about vigilance in the face of this vulnerability.

Shining a Light on Cyber Claims

The release of the NetDiligence® 2015 Cyber Claims Study, the only one of its kind, reveals the most current data on cyber security events and their true costs. NetDiligence President Mark Greisiger shares the latest findings, including the top areas of concern for both insurers and the C-Suite.

The MIE Breach: Business Associates and Data Security Risks

A Q&A with J.T. Malatesta of Maynard Cooper & Gale
Medical Informatics Engineering and subsidiary NoMoreClipboard revealed a breach last month affecting up to 3.9 million Americans which has now resulted in a series of class action lawsuits on behalf of victims. The incident is causing headaches for risk managers in the healthcare sector, including their cyber liability insurers. This event underscores how a catastrophic breach for one dominant service provider (in this case, Medical Informatics Engineering, the software company that provides the NoMoreClipboard service) can create a domino effect that impacts multiple organizations. Many insurers are also rightfully concerned about aggregated risk, since they could have multiple insureds and claims stemming from a single event such as this one. I spoke with J.T. Malatesta, chair of the cybersecurity practice of Maynard Cooper & Gale, about the implications of this event and how organizations can better prepare for vendor breaches.
