A Q&A with Peter Armstrong of Munich Re and Julie Eichenseer of Guidewire: Cyence Risk Analytics
At the NetDiligence® Cyber Risk Summit in Philadelphia, Julie Eichenseer of Guidewire: Cyence Risk Analytics and Peter Armstrong of Munich Re participated in a panel on cyber risk quantification, discussing how current approaches to evaluating cyber risk can better help the insurance industry and its clients improve their cybersecurity posture. We spoke with them about some of the topics they covered.
Posts by:Mark Greisiger
Ransomware, To Pay or Not To Pay
A Q&A with Winston Krone, Kivu
Unfortunately, for now, it appears that ransomware attacks, wherein hackers encrypt data and hold the decryption key for a sum of money, are here to stay. That leaves the attacked organization with a tough quandary: whether or not to actually give in to the criminal’s demands. We talked to Kivu’s Winston Krone about the latest thinking on when it’s appropriate to pay the ransom.
eDiscovery and Data Breaches
A Q&A with Carolyn Purwin Ryan of Cipriani & Werner and Larry Brown of Epiq
When used in the wake of a data breach, eDiscovery tools can help companies manage their legal and regulatory risks through the inventory of compromised sensitive information. At the Net Diligence Cyber Risk Summit, we spoke to Carolyn Purwin Ryan of Cipriani & Werner and Larry Brown of Epiq about how these technologies help companies improve both incident response and litigation readiness.
New HHS Guidance Combats Cyber Threats in Healthcare
A with Reece Hirsch of Morgan Lewis
Late last year, the U.S. Department of Health and Human Services (HHS) released voluntary cybersecurity standards that help bring the HIPAA Security Rule into focus and up to date with current cyber threats. The new guidance could also have implications for the way “reasonable standards” are legally defined going forward. We spoke with Reece Hirsch, co-head of the Privacy and Cybersecurity practice atMorgan Lewis, about the guidance and its advantages for healthcare organizations.
GDPR So Far
A Q&A with Ian Birdsey of Pinsent Masons
The European Union’s General Data Protection Regulation (GDPR) has been implemented for over a year, and we can now start to understand just how this sweeping law is being enforced and the ways it has positively impacted data security. We posed these questions to Ian Birdsey, data protection specialist and partner of Pinsent Masons, LLP.
Measuring Up to NIST CyberSecurity Framework
A Q&A with Matt Barrett, COO of Cyber Engineering Services Incorporated (CyberESI) First introduced in 2014, the National Institute of Standards and Technology (NIST) CyberSecurity Framework (CSF) has since become a widely held best practice far beyond the commerce industry. To get some perspective on the framework and how it’s evolved over the past five years, we talked to Matt Barrett, who was the program manager for CSF. (Note: Barrett currently serves as COO for Cyber Engineering Services Inc (CyberESI), a cyber risk management firm.)
Tuning in to Silent Cyber
A Q&A with Scott Stransky of AIR Worldwide
The exposures associated with cyber incidents and losses reach far and wide, including a whole category of risk called “silent cyber.” With traditional policies offering ambiguous coverage for cyber events, insurers and their insureds face a significant amount of gray area for these risks, which have now become commonplace. To better understand silent cyber and what can be done about it, we talked to Scott Stransky, vice president and director of emerging risk modeling at AIR Worldwide.
Cyber Mercenaries and Insurance Risk
A Q&A with Chris Rock of SIEMonster
Cyber mercenary activity—in which geopolitical states sponsor hackers and private firms to wage acts of cyber offence on other states, organizations and individual citizens—has been on the rise for at least a decade, though the wider public is only now just starting to understand its grave implications. To get a better handle on the current state of global cybersecurity affairs, we talked to professional hacker Chris Rock, CEO and founder of SIEMonster.
Banking Trojans and Financial Risk
A Q&A with Sherri Davidoff, CEO of LMG Security and BrightWise, Inc.
One of the most disturbing developments in financial cybercrime is the advent and increasing popularity of banking Trojans, which pose a grave risk to both consumers and financial organizations. To find out more about banking Trojans and how to avoid them, we spoke to Sherri Davidoff, cybersecurity expert, author, speaker and CEO of both LMG Security and BrightWise, Inc.
Ransomware Negotiations
A Q&A with Bill Siegel of Coveware
Given the prevalence and sophistication of ransomware—not to mention the financial stakes involved in these exploits—it’s no longer wise to leave delicate negotiations to internal staff. We spoke to Coveware’s CEO and cofounder Bill Siegel about the nuances involved in handling threat actors and why having data at the ready can better inform a company’s decision-making.
No more posts.