Paragon Brokers’ Post

Interesting read on best practices to defend your organization from a cyber attack.

It was great sharing my insights in this article feature in Business Insurance! #usioneadvantage #USICyberFederation

"I hired a third party vendor to handle my credit card processing, I shouldn't be held responsible for any data theft." If you are a business owner who believes this statement then I urge you to read this article from our National Cyber Practice Leader. Third Party Risk Management (TPRM) is crucial in determining who your business should be working alongside. "....it is ultimately your customer and your liability or exposure." What does this mean for business owners? Let's look at an example. ABC company, manufactures and distributes carbide/diamond tools. Customers are allowed to go onto ABC companies website to make a purchase, which requires them to provide payment information online. ABC company hired XYZ company to handle all online payment processing. Therefore, XYZ company collects, uses, and stores this data for each transaction. An online hacker finds it difficult to access ABC companies data but finds out that they use XYZ company for processing this information. With a few keystrokes the hacker has identified an easy entry into ALL of XYZ companies stored data. They easily take this data and start distributing it to the highest bidder. The data collected is the responsibility of ABC company, not XYZ company. Due to poor TPRM practices, ABC company failed to confirm cyber coverage for XYZ company which resulted in a financial and reputational loss. Who you choose as your insurance broker matters! If your current broker does not have these type of conversations with you, it is time to consider making a real change and a different approach to protecting your company! #usioneadvantage #manufacturing #cyber

Great read below about Cyber Liability and Third Party Vendors

For a 'Left of Bang' approach to risk transfer, organisations need to re-think risk assessment of their entire ICT estate, including the very providers, such as CrowdStrike, implanted within to protect from #cyberattack, and their own employees that have access to its intimate workings as at KnowBe4. How many organisations have this level of risk assessment maturity? Quite rightly, Insurers want to know that organisations can attest a demonstrably robust governance framework for cybersecurity, before offering underwriting solutions.

Cyber threats are a growing concern for the life science community, with data breaches and cyber-attacks posing significant risks to sensitive information and intellectual property. Arthur Hall Insurance offers Cyber Liability coverage to help mitigate financial losses and liabilities resulting from cyber incidents, providing essential protection against the evolving landscape of cyber threats facing life science firms. Strengthen your cybersecurity defenses today with the guidance of our Advisors. Reach out to us to discover how our Cyber Liability coverage can safeguard your firm's digital assets and reputation in an increasingly complex threat environment. www.arthurhall.com #CyberSecurity #CyberThreats #DataBreach #CyberInsurance #LifeSciences #CyberLiability #DataProtection #IntellectualProperty #RiskManagement #DigitalSecurity #HealthcareSecurity #TechInsurance #CyberDefense #Infosec #CyberAwareness

It's going to take time for the Crowdstrike incident to unravel.  It was clearly an ICT risk, adding to the complexities insurers and their clients face. We do not live in a world that underwriters understand and can manage.  We haven't for some time.  In hind sight would any insurer have offered a product to Crowdstrike to underwrite the ICT risks that materialised last week?  Would they offer it across global markets? You dont need to be a statisticain to realise that these types of risks, and cyber risk are not 1:100 year long tail risks.  This year alone demonstrates a trend of signoficant digital events. The insurance industry needs to rethink its approach to digital risk.  As we presented to Lloyds of London 2 years ago.  The risk transfer equation has changed significantly,  it's now Left of Bang, not Right. Thaddeus Dziekanowski Brian D. McCarthy Faisal Khan Rachel V. Rose, JD, MBA Ryan Buckner Senebria Veritas GRC #cybersecurity #cyberriskmanagement #cyberinsurance

In the face of escalating cyber threats, financial institutions are finding #CyberInsurance to be an essential part of their #RiskManagement strategy. This recent Datos Insights report by Stephanie Dalwin aims to guide #CISOs and Chief Risk Officers (CROs) in #FIs through the complex process of securing cyber liability policies, especially in a time when the #insurance industry is evolving to meet new cyber threats. Learn more: https://lnkd.in/ebHa2gty

ICYMI - Assistant Secretary Graham Steele notes US Treasury’s considerations for federal insurance related to catastrophic cyber events. Whether under the existing TRIP authority or another avenue, this is an area to watch for all engaged in cyber risk…and mark your calendars for Apr 2024, “Treasury will host an additional conference during the week of April 22 exploring in more detail some specific ideas about what form such a federal insurance response to catastrophic cyber risk, and/or a public-private partnership or other collaborative mechanism, might take.” #cyber #insurance

Key lessons learned/takeaways from the CrowdStrike event (see link below) relating to your Cyber Liability policy are: *Does your policy have business interruption that includes contingent business interruption? *What is the waiting period for the coverage to kick in? Don't wait for an event to learn if you have coverage, inquire now. Reach out to me if you would like to learn more, or have us review your policy. https://lnkd.in/g7hSQeff