Main features in this issue:
No port in a storm: Safe Harbour 2
Despite the new deal between the US and EU, data transfers between the two are now a lot more uncertain. The last minute deal to replace Safe Harbour has been welcomed by groups such as the International Chamber of Commerce. The Commission says the deal “will protect the fundamental rights of Europeans where their data is transferred to the United States and ensure legal certainty for businesses”. That might overstate it, however.
Do cyber insurers pay?
Stories of cyber insurers refusing to pay claims are rarely what they seem. “A Texas manufacturing firm is suing its cyber insurance provider for refusing to cover a USD 480,000 loss following an email [phishing] scam that impersonated the firm’s chief executive,” a story on well-read US blog KrebsOnSecurity.com reported in February.
Fitness device company hacked
The fitness device company Fitbit had to cope with hacking of a number of its users accounts to perpetrate warranty fraud recently. After user accounts were compromised, they were then used to call and claim replacements for defective products. Criminals were hijacking users’ accounts after cracking their passwords and then fraudulently claiming on warranties for a replacement device. The fact that the device requires an online account to enable full functionality, like most connected devices, means that many other companies could face similar risks.
The industry is working hard to develop understanding of cyber risks. In January, Lloyd’s of London announced an agreement with risk modelling specialists AIR Worldwide and Risk Management Solutions (RMS) for a common approach to collecting cyber exposure data. The agreement means, the key data and definitions used by the companies in their new data schemes launched last month to help insurers model exposures will be consistent.
Cyber threat intelligence
Does it matter where cyber attacks originate? After catching up China at the end of last year, the US remains a consistent contender for the most common host for attacks. In one week in mid-January, it was responsible for more than double the number of attacks as China – 37% of all attacks globally against 17%. Since then, the figures have normalised, with the US either a little behind (as in the last week of January) or a little ahead of China (as in early February). The two together account for about 40% of all attacks. This update is brought to you in partnership with CSC.
The physical damage of cyber attacks
Cyber attacks can sabotage control of major industrial security systems, causing substantial physical damage and business interruption. Is your company prepared?
Download cyber decoder
For more information please email firstname.lastname@example.org