Cyber Insurance In The Covid-19 Landscape

Gowling WLG

With the unprecedented global pandemic of Covid-19, companies are adapting to the new reality of social distancing and self-isolation practices encouraged by our government and health authorities, leading many businesses to transition large numbers of employees to remote working. Many of these employees have no prior experience working remotely, and in some cases, may not be properly equipped to do so.

Remote working requires, among other things, equipping employees with the ability to connect to company servers from home. This transition requires furnishing employees with the tools required to carry out their work efficiently, such as providing them with laptops, at-home workstations, and remote access to secured networks and other company resources.

Unfortunately, the transition to working remotely almost certainly will mean increased risk of cyber attack and cyber losses. Cyber risks faced by businesses today take different forms. In addition to hardware and/or software failure, the loss of portable devices such as laptops or smart phones, and the use of unsecured Wi-Fi connections by employees, companies face sophisticated attacks from hackers targeting users seeking information on Covid-19.

Given these risks, it is critically important businesses take steps to insure and protect themselves against cyber losses.

Cyber Insurance: What Is It and What Does It Cover?

Cyber insurance provides protection and coverage for the security and privacy of digital information and losses resulting from data breaches.

Cyber risk policies provide both first party and third party coverage. Cyber insurance may take the form of a stand-alone policy or be made available by way of endorsement to a D&O or E&O liability policy. Though each policy varies, and a policy should be thoroughly reviewed prior to purchase, first party coverages typically provided under a cyber insurance policy include:

  • expenses incurred by a company as a direct result of the breach, including remediation and notification expenses, as well as crisis management expenses; and
  • resultant costs such as business interruption and loss of goodwill.

Third party coverage under a cyber insurance policy typically provides coverage for liability in connection with losses suffered by customers as a result of the theft and use of their personal and/or financial data.

Most insurers also offer value-added services, such as network security testing, designed to help companies avoid and mitigate the effects of a data breach, and crisis management services.

Ensure That Your Cyber Insurance Policy is Comprehensive Enough to Suit Your Company’s Needs

Coverages offered under cyber insurance policies vary considerably. When purchasing a cyber insurance policy, the policy wording, and especially the exclusions, should be reviewed with a professional to ensure the potential loss events your company may face in the event of a data breach are covered. The type of coverage required will depend on the nature of the company, the types of information it stores within its secure network, as well as the types of activities the business participates in.

What Can Employees and Employers Do to Prevent Cyber Attacks?

Both employers and employees must take utmost care to protect themselves as well as confidential company information, especially while working remotely. Such steps include:

  • Encouraging employees to pay attention to phishing emails, which are emails disguised with an enticing link that, when clicked, can download malware onto a device and the company’s systems;
  • Ensuring employee devices are up to date on their anti-virus protection;
  • Ensuring employees are working on secure, password-protected internet connections and reducing the use of public Wi-Fi as much as possible;
  • Reminding employees personal email should not be used for any company business; and,
  • Urging employees to keep track of what they are printing at home and to shred confidential documents as soon as possible before they are disposed of.

Conclusion

The best way to protect your company from cyber risks is to ensure appropriate preventive measures are in place and employees working from home or with remote access to company data are trained on how to implement these measures. We must all be diligent in protecting and securing sensitive business data and client information. However, when an attack does happen, it is crucial to have the right cyber risk insurance products in place to assist in dealing with the after-effects of a breach.

Read the original article on GowlingWLG.com

Source: Mondaq

Aon announced the acquisition of Cytelligence Inc, a Canadian-based cyber security firm

The acquisition combines Aon’s industry-leading investment in cyber security with Cytelligence’s unique technical expertise in incident response and digital forensics services to strengthen Aon’s cyber security client value proposition 

CHICAGO, Feb. 4, 2020 /CNW/ — Aon plc (NYSE: AON), a leading global professional services firm providing a broad range of risk, retirement and health solutions, announced today the acquisition of Cytelligence Inc, a Canadian-based cyber security firm that provides incident response advisory, digital forensic expertise, security consulting services and cyber security training for employees to help organizations respond to cyber security threats and strengthen their security position.

The acquisition will help Aon expand its current coverages within the cyber market at a time when cyber claims are almost doubling year-over-year. The 2019 Cybersecurity Almanac published by Cisco and Cybersecurity Ventures predicts that cyber events will cost $6 trillion annually by 2021, as companies are digitizing most of their processes and are often operating remotely. Global cyber insurance premiums are expected to grow from $4 billion in 2018 to $20 billion by 2025. According to Aon’s 2019 Global Risk Management Survey, cyber-attacks were identified as a top ten risk facing organizations and are predicted to be one of the top three risks for organizations in 2022.

“As the number of network intrusions, data breaches, ransomware attacks, and similar threats continues to increase in both frequency and severity, expertise in cyber incident response becomes critical to organizations and insurance companies,” said J Hogg, CEO of Aon’s Cyber Solutions. “The Cytelligence team are deep experts in cyber incident response, ransomware mitigation, and cyber security training for employees, which will help cement our position in both North America and globally as an industry leader.”

Cytelligence will join the growing portfolio of Aon’s Cyber Solutions, which combines digital risk management services, security services, professional risk solutions, and a global risk consulting practice. This acquisition enhances Aon’s 2016 acquisition of Stroz Friedberg and now allows Aon’s Cyber Solutions to offer an even more holistic portfolio of services to clients from proactive security services, to incident response, to risk quantification and insurance broking.

“Together, we will deliver complete proactive solutions from risk assessment, cyber risk policy underwriting to secure insurance coverage to protect critical assets, to cyber breach response, effective and efficient cyber incident remediation, meticulous data collection and data preservation,” said Daniel Tobok, CEO of Cytelligence. “Put simply, everything that is connected to the internet can be compromised. Proactive companies and their Boards are preparing now with proactive actions with penetration testing, vulnerability assessments, security audits, and training of their employees.”

Cytelligence has offices in Toronto, Ottawa, New York, San Francisco and Miami. The firm employs professionals in cyber security and education, investigations, and forensic analytics. The firm was founded in June 2016.

Mr. Tobok will join Aon as the Canadian President, Aon’s Cyber Solutions.

About Aon
Aon plc (NYSE:AON) is a leading global professional services firm providing a broad range of risk, retirement and health solutions. Our 50,000 colleagues in 120 countries empower results for clients by using proprietary data and analytics to deliver insights that reduce volatility and improve performance.

About Cytelligence
Cytelligence is a leading international cyber security boutique with deep expertise in Cyber Breach Response, Cyber Breach Investigations, and Digital Forensics. We are known for our technique: well planned, well executed and detail-oriented engagements. Our Offensive Security Consulting includes: Penetration Testing, Vulnerability Assessments, Security Audits, and Secure Development Lifecycle Management, including code reviews.

SOURCE Aon plc

Canadian insurance company lost nearly US$1M in ransomware attack

The excerpted article was written by Ryan Flanagan CTVNews

TORONTO — Computers at a Canadian insurance company were disabled for more than one week due to a ransomware attack that resulted in a payout of nearly US$1 million.

The attack happened last October, but is only coming to light now as efforts to reclaim the ransom make their way through the British court system.

The U.K. court action is being led by a British insurance firm with which the Canadian company had a policy protecting it against suffering losses from cyberattacks.

Neither company is named publicly in the lawsuit the British company has filed against the unknown attackers. In a court decision made last month and published Jan. 17, Justice Simon Bryan ruled that hearings in the case would be held in private and that the involved insurance companies’ names would not be published, saying anything else would open the insurance companies up to retaliatory and copycat attacks while also potentially giving the hackers a chance to cover their tracks.

“Publicity would defeat the object of the hearing,” Bryan wrote.

COMPANY TURNED OVER US$950,000

According to Bryan’s written decision, the hacker or hackers somehow “managed to infiltrate and bypass the firewall of [the Canadian company].” From there, they encrypted files on the company’s servers and locked desktop computers. They also left a note.

“Hello [company name] your network was hacked and encrypted. No free decryption software is available on the web. Email us … to get the ransom amount. Keep our contact safe. Disclosure can lead to the impossibility of decryption. Please use your company name as the email subject,” the message read.

The Canadian company got in touch with its British insurer, which hired ransomware response specialists. The hacker told the specialists they were demanding US$1.2 million in Bitcoin, but eventually agreed to US$950,000 “as an exception.”

The specialists then transferred 109.25 Bitcoin – roughly equivalent to US$950,000 at the time – of the British company’s money to the specified account. Although they had been promised a quick response, nearly 16 hours elapsed before the hacker got in touch again, giving them a decryption program.

Even with the program, it took five days to run the program on each of the company’s 20 servers and five more to decrypt and unlock all 1,000 desktop computers.

Some of the Bitcoin was sold for other currency before specialists were able to locate it, but the bulk of the ransom – 96 Bitcoin – was traced to one specific account on one specific exchange.

The British company is suing the hacker as well as the owner of the account – it’s not certain if they’re the same person or not – as well as the Bitcoin exchange. The insurance firm is seeking a court order to force the exchange to reveal the identity of the account owner.

A RISING THREAT

The Canadian Anti-Fraud Centre (CAFC) described ransomware last September as “an increasingly common threat, targeting everyone from individuals and small businesses to large private enterprises and government organizations.”

There have been several high-profile cases in Canada in recent years, including an attack that paralyzed the Nunavut government’s computers for nearly two weeks last November.

Insurance companies are also known targets. One of the largest insurers in Oman was reportedly hit earlier this month. In Canada, Andrew Agencies Ltd. was targeted last fall but said it did not pay a ransom – implying that they are not the Canadian company at the centre of the British case.

The CAFC notes that there is no way to completely safeguard against these attacks, but says training employees to recognize cybersecurity threats, restricting access to computer administrative privileges and storing backup data offline can help protect an organization.

Source: CTV News

Brad Riddell Appointed Vice President, CyberSecurITy at FlexITy, Canada’s leading Systems Integrator

TORONTO, Jan. 20, 2020 /CNW/ – Brad Riddell has been appointed Vice President, CyberSecurITy at FlexITy, Canada’s leading Systems Integrator and Digital Transformation Solutions, by CEO Peter Stavropoulos.

As Vice President of CyberSecurITy Solutions, Brad Riddell is responsible for rapid expansion and growth while managing FlexITy’s emerging CyberSecurITy business. He brings more than 20 years of IT risk management, systems integration, and managed services, sales and delivery experience to the FlexITy organization.

“Brad is astute at understanding the cybersecurity challenges faced by Canadian companies and developing pragmatic solutions to effectively manage cybersecurity risk. He has a proven track record of building high performing teams that attract top cybersecurity talent that our clients require. As a longstanding trusted advisor to clients across many industries, Brad quickly earns their trust and develops long-lasting relationships,” said Peter Stavropoulos.

“FlexITy is a proven and trusted Systems Integrator focused on attracting and retaining top IT engineering talent and delivering robust, high performance and reliable solutions to their clients. We are applying this winning approach to cybersecurity to create Canada’s leading end-to-end cybersecurity services business. FlexITy will build tailored solutions targeted at solving the most daunting challenges such as ransomware, securing IoT devices, ensuring the safety of critical infrastructure, enabling secure electronic commerce, and ensuring the privacy of patient medical records,” said Brad Riddell.

Canadian companies now have a single trusted provider to design, deploy, secure and manage critical IT networks, systems and applications. By taking a truly integrated approach to network and system design, integration and security, FlexITy offers a unique capability unmatched in the Canadian market.

Along with the depth of FlexITy’s Infrastructure team of architects, pre-sales engineers, highly skilled and cross-certified integrators and project managers, all with the highest of government security clearances, we work with our best-of-breed strategic partners to develop and deliver broad and deep sets of Managed and Hybrid CyberSecurITy Solutions that make an immediate impact with clients across Canada.

The range of FlexITy clients serviced over the past two decades span across some of Canada’s leading financial, government, public sector, legal, media, telecommunications, insurance and health care institutions.

About FlexITy

FlexITy, an award-winning integrator of smart technology, CyberSecurITy and service solutions, built on powerful and digitally advanced secure platforms and delivered with decades of expertise, is headquartered in Richmond Hill, with offices in Toronto and Winnipeg.

FlexSecurITy is a next-generation cybersecurity offering enabling organizations to protect the way people work today from advanced threats and compliance risks. FlexSecurITy protects organizations from the advanced attacks targeting them and protects the critical information people create while arming organizations with the right intelligence and tools to respond quickly when things go wrong.

FlexHealth-Powered by FlexITy is a suite of patient-centric solutions that integrate interactive mobile applications, secure health IT and data, and optimize healthcare management. FlexHealth engages patients and families, empowers clinicians and delivers outcomes that matter.

FlexTEL, a leading and secure managed business, provides Unified Collaboration Cloud Services for Enterprises seeking a holistic enterprise grade Collaboration Platform.


www.flexsecurity.com, www.flexity.com, www.flexhealth.ca

Cybersecurity in Canada 2019: It was an ‘awesome’ year for attackers

By IT World Canada

No country is immune from cyber attacks. But 2019 saw Canadian organizations victimized like never before.

Arguably the worst breach — not only in 2019 but one of the worst in Canadian history — was the theft of personal information on 15 million people in Ontario and B.C. held by medical test laboratory LifeLabs. This data included patient names, addresses, email addresses, login passwords, dates of birth, health card numbers and in some cases lab test results.

The second worst breach was the theft by a suspected employee of information on all 4.2 personal banking customers in Quebec and Ontario of the Desjardins credit union.

Copied were names, addresses, birthdates, social insurance numbers, email addresses and information about transaction habits. Not stolen were passwords, identification questions or secret codes.

While more people were victims of the 2015 hack of Toronto-based dating site Ashley Madison, it isn’t a financial or health institution and subscribers didn’t have to give real names.

Getting a handle on how many data breaches there are in this country is getting better now that most organizations have to report them to the Office of the Federal Privacy Commissioner (OPC).

In November the OPC estimated the personal information of 28 million Canadians had been exposed in the first 12 months of mandatory reporting — and that didn’t include the LifeLabs breach.

Small wonder Ed Dubrovsky, managing director for incident response at Toronto-based Cytelligence said “unfortunately it’s been an amazing year” — for attackers.

Among the publicly-reported incidents

  • Attacks through suppliers were responsible for many incidents. Freedom Mobile blamed a third party for hosting an unprotected database with personal and credit card information on thousands of the wireless carrier’s subscribers on the Internet. TransUnion Canada said attackers compromised a Winnipeg leasing company to get access to personal information on some 37,000 Canadians held by the credit reporting agency; Verizon’s annual Data Breach Investigations Report, on thousands of incidents around the world, noted that 21 per cent of data breaches are caused by errors, either by employees or third parties;
  • Questions were raised about the dealings of some organizations with suppliers. In December the city of Hamilton, Ont., notified residents of a potential disclosure of their personal information through Alectra Utilities, which provides water billing service for the municipality. According to a news report an India-based subcontractor to Alectra had access to customer data it held, and there may have been other subcontractors whose staff could also see personal data. The incident raised questions of consent;
  • Nova Scotia’s privacy commissioner blamed the government for not doing enough security testing before making a new provincial Freedom of Information website live, allowing two people to hack the site in 2018 and make off with 7,000 documents including personal information of 740 people;
  • Think small businesses won’t be attacked? Consider our report on a Halifax vegan restaurant whose Facebook page was defaced.

Among other newsworthy events in 2019

  • The U.S. increased pressure on Canada not to allow Canadian wireless carriers to buy wireless network equipment from Chinese manufacturer Huawei for security reasons. A decision will likely be tied to the outcome of a Vancouver extradition hearing for Huawei’s CFO and the detention by China of two Canadians;
  • A Bank of Canada executive was among many experts urging organizations to collaborate more on cyber best practices and threat information. In a related move the Canadian Cyber Threat Exchange (CCTX) lowered fees for public sector agencies;
  • To help improve the security maturity of small and medium-sized businesses the federal government launched a cyber certification program. The hope is it will also increase public confidence in Canadian firms selling products online.

Dubrovsky sees some complacency in the attitude of Canadians and organizations. “We’re just accepting this is a risk,” as a result of the almost daily stories of breaches. “Unfortunately I don’t think there’s enough being done, still” by IT departments. “We don’t understand the threat actors are also ramping up both the damage they’re causing and the monetary demands.”

Source: IT World Canada

Canadian insurance firm targeted in ransomware attack

Adam Ward | CTVNews.ca

TORONTO — Andrew Agencies Ltd., an insurance firm that operates in the Prairies, was recently targeted in a ransomware attack but says no personal information was taken.

Dave Schioler, the executive vice president and general counsel for Andrew Agencies, confirmed the security breach in an email statement to CTVNews.ca on Wednesday.

“We have uncovered no evidence of sensitive personal information or data being stolen or otherwise compromised,” he said in the statement. “We can advise that the incident has had minimal impact on our operations.”

Andrew Agencies, a full-service insurance and financial services firm, operates 18 locations in Alberta, Manitoba and Saskatchewan.

A hacker group known as Maze has taken credit for the attack online. The group was reportedly behind a ransomware attack that recently targeted the City of Pensacola, Fla.

Schioler said that Andrew Agencies did not pay a “ransom as part of the recovery effort.”

“We have taken this matter very seriously and have expended considerable resources in the investigation and remediation of this incident, including the use of third parties with expertise in similar incidents,” the statement reads.

ARE THESE TYPES OF ATTACKS ON THE RISE?

News of the security breach at Andrew Agencies comes one day after LifeLabs, one of Canada’s largest medical laboratories, announced it was hit by hackers.

In LifeLabs’ case, an estimated 15 million customers are believed to have been affected, with passwords, birthdays, health card numbers and even lab results potentially being accessed.

Brett Callow, a threat analyst with anti-virus software company Emsisoft, says while many of these types of attacks go unreported, it’s very likely there has been an increase.

“Most ransomware attacks are not specifically targeted and, as there’s been an increase in attacks on the public sector, it would seem inevitable that there has been an increase in attacks on smaller businesses too,” he said in an email statement to CTVNews.ca.

According to a report released this week by Emsisoft, at least 948 government agencies, educational institutes, and health-care providers were impacted by ransomware attacks in the U.S. in 2019. Emsisoft didn’t have information on the number of these types of attacks in Canada.

Callow says that in about 90 per cent of these cases, hackers are perpetrating these attacks through “email attachments or improperly secured remote access solutions.”

So how can companies and municipalities protect themselves from these types of attacks? Well, Callow says a good starting point is email filtering and training staff how to spot potentially hazardous emails.

“The fact that ransomware groups are now stealing data as well as encrypting it makes prevention and detection more critical than ever,” Callow says.

SHOULD COMPANIES PAY A HACKER’S RANSOM?

In short, no, says Callow, because there are a lot of unknowns.

“There is no guarantee that the decryption tool supplied by the cybercriminals will work or that they’ll even supply one.”

Callow added that every time a company pays for their data back, they incentivize these types of cyberattacks. However, he admits that some companies have no choice and have to take the risk because it may be the only option.

“For as long as companies pay ransoms, ransomware attacks will continue. The only way to stop the attacks is to make them unprofitable.”

Source: CTV News
