Welcome to the next edition of our cyber newsletter in which we keep you posted on recent cyber developments in news and review the latest trends, high profile attacks and lessons learnt from this evolving threat landscape.
IN THIS EDITION:
Canada Joins Global Trend for Tougher Privacy Rules
Canada is set to introduce tougher data privacy rules, joining a growing list of countries giving new rights to consumers and holding companies to account. n May, Canada’s federal government launched its Digital Charter; 10 broad principles intended to guide future legislative changes, including plans to modernise the country’s Personal Information Protection and Electronic Documents Act (PIPEDA) and the Privacy Act.
Model Cyber Exclusions Provide Basis for Industry-Specific Coverages
London's company market trade body, the International Underwriting Association (IUA), has published model cyber exclusions to be applied to traditional property and casualty policies. Such moves should provide the foundations for more industry-specific affirmative cyber cover.
Multinational Cyber Risk and Solutions Are Evolving
Cyber risks are evolving fast, and the situation is especially acute for multinational businesses. Multinational companies are increasingly exposed to large, complex cross-border cyber risks through their supply chains, third-party vendors, and increasing levels of regulation, as highlighted in Chubb's recent report, Managing Tomorrow's Cyber Risks and Multinational Insurance.
Ransomware and Social Engineering Attacks Grow
Ransomware and social engineering attacks against C-level executives have increased in numbers and sophistication. Ransomware attacks doubled in the first quarter of 2019, according to Lloyd’s of London insurer Beazley, which experienced a 105% increase in the number of ransomware attack notifications by its clients in the quarter compared with the same period a year ago.
Legal Implications Regarding Ransomware
Jurriaan Jansen, privacy and cyber of Counsel at Norton Rose Fulbright LLP, talked us through the myriad of potential legal implications a ransomware attack could trigger. In this article, we summarise the five key takeaways from our discussion.
Can Cyber Be Covered In Traditional Forms of Insurance?
In short, the answer is yes, but insurers are increasingly encouraged by regulators and rating agencies to remove “non-affirmative” coverage, so that they have a clear picture of their aggregate cyber risk and aren’t surprised by major losses in the market.
Setting the Record Straight on Cyber Insurance
For almost 30 years, cyber insurance has covered the losses and expenses associated with a growing range of cyber perils. Despite, some uncertainty about its responsiveness, cyber insurance is an essential component of a comprehensive cyber risk management programme.
Cyber Buzzword of the Month – Pineapple Device
The affordable ‘Wi-Fi Pineapple’ was first released in 2008 by Hak5, a company that develops tools for penetration testers (ethical hackers). Its initial purpose was to help penetration testers educate users on how to protect themselves from public Wi-Fi attacks; while concurrently raising awareness about the spoofing and man-in-the-middle (MITM) vulnerabilities inherent in Wi-Fi technology. Unfortunately, criminals found a way to repurpose the device to facilitate the very attacks it was built to prevent.