Cyber Decoder - Issue 46

13 May 2019

Cyber Newsletter Issue 46 Welcome to the next edition of our cyber newsletter in which we keep you posted on recent developments in the news and review the latest trends, high profile attacks and lessons learnt from this evolving threat landscape.


Clarity sought on data breach litigationCLARITY HAS BEEN FOUND ON DATA BREACH LITIGATION
The US Supreme Court recently rejected an appeal made by a US-based online retailer in a proposed data breach class action lawsuit; this decision could be a setback for companies looking to reduce their data breach liability. We take a critical look at this decision and discuss the potential regulatory implications.

Breach costs and the intensity of cyber-attacks riseBREACH COSTS AND THE INTENSITY OF CYBER-ATTACKS ARE ON THE RISE
The UK Department for Digital, Culture, Media and Sports recently published the findings of their 2019 Cyber Security Breaches Survey, which contained some surprises following the introduction of the GDPR in May 2018. The Hiscox Cyber Readiness Report 2019 further supported these views.

New Cyber Supply Chain Threat DetectedNEW SUPPLY CHAIN THREAT HAS DETECTED
Kaspersky Lab recently revealed their discovery of a new supply chain threat known as ShadowHammer, which is currently wreaking havoc on various technology, gaming and pharmaceutical companies across Asia.

Cyber Buying Trends Highlighted in Asia SurveyCYBER BUYING TRENDS HIGHLIGHTED IN ASIA SURVEY
Pre-acquisition JLT Asia’s annual survey documents how companies across Asia have been buying cyber insurance in 2018 and the various trends we have observed concerning industry sector, limits, coverage and claims notification. We also make some interesting cyber buying predictions for 2019.

Debunking the top 5 ransomware mythsDEBUNKING THE TOP 5 RANSOMWARE MYTHS
When it comes to ransomware attacks, the general consensus of opinion is one of fear and confusion surrounding the appropriate steps to take once your systems have been disconnected and you receive a ransom demand. Winston Krone from cyber security firm Kivu Consulting provides some clarity on the subject and eliminates popular ransomware misconceptions one by one.

Quantification adds up better cyber risk managementQUANTIFICATIONS ADDS UP TO BETTER CYBER RISK MANAGEMENT
Ideas on best practice for managing cyber risk differ depending on who you ask, so ideally engaging all stakeholders would be the most effective solution. However, gaining consensus from all parties can prove challenging, which is where cyber risk quantification can step in to make things a little easier.

What does evil maid attack meanCYBER BUZZWORD OF THE MONTH – EVIL MAID ATTACK
Evil Maid attacks, named by Joanna Rutkowska, refer to scenarios that affect device integrity. This includes gaining unauthorised physical access to an unattended device with the purpose of changing, stealing or selling the information found on the device; and hackers selling ‘brand new’ laptops containing pre-loaded keyloggers or malware to unsuspecting victims. Although the opportunities for this type of attack are limited, physical attacks can have a profound impact on the company.



  • Sarah StephensSarah Stephens

    As part of Marsh JLT Specialty's London-based Financial Lines Group, Sarah and her team work both directly with our clients and with network colleagues and independent partners to make sense of cyber, technology, and media E&O (PI) risks and create leading edge bespoke insurance solutions in the London market.

    Prior, Sarah spent 12 years with Aon in a variety of roles. Her last role at Aon was Head of Cyber & Commercial E&O for the Europe, Middle East, and Africa (EMEA) Region, working with colleagues across business groups and clients in the region to identify, analyse, and drive awareness of cyber risks, exposures, and both insurance and non-insurance solutions.

    Previously, Sarah spent seven years with Aon’s US Cyber and Errors & Omissions practice group thinking nonstop about cyber insurance way before it was cool. Her first four years at Aon were spent in the Account Management group working with large clients and developing a keen eye for excellent client service.

    For further information or to learn more about cyber insurance, contact Sarah Stephens, Head of Cyber, on +44 (0)20 8108 9541.

  • For more articles like this, download our Cyber Decoder

    Share this article