Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    New SEC Rules Add Challenges in Uncertain Cyber Insurance Market

    JeremyKing[BUDGET AMMO] Jeremy King is a partner at Olshan Frome Wolosky. He wrote an article for Bloomberg where he analyzed cyber risk management issues that companies should prioritize in response to new SEC reporting requirements for cybersecurity incidents and threats.

    Here is a quick summary and I suggest you send the link to your InfoSec budget holder so that they can assess the importance. Ransomware is a big deal these days.    

    SUMMARY:

    New SEC cybersecurity rules are putting the heat on public companies to up their game in risk assessment, loss control, and incident reporting. These rules make it mandatory for companies to report significant cybersecurity incidents within four business days through a Form 8-K disclosure. This isn't just paperwork; it's a legal requirement that could put board members and execs in hot water if they don't comply.

    Cyber insurance is becoming a must-have, but the new rules are shaking up the market. Companies need to review their insurance programs, especially with the annual reporting requirements kicking in for fiscal years ending after December 15. Fitch Ratings noted that cyber insurance premiums have soared from $2 billion in 2018 to over $7 billion in 2022. Rates themselves jumped by 15% in Q4 2022.

    So, what should companies do? First, get legal advice to design a solid cybersecurity risk management plan. This plan should cover everything from privacy violations to ransomware attacks. Second, scrutinize your Directors and Officers (D&O) insurance policies. Some might not cover cyber incidents, leaving you exposed. Third, make sure your insurance covers not just direct losses but also third-party incidents, like a vendor getting hacked. Lastly, keep your reporting accurate and consistent to meet SEC requirements. 

    In short, the new SEC rules mean you've got to be more vigilant than ever. It's not just about having cyber insurance; it's about having the right kind and amount, all while keeping the regulators satisfied. Full article:

    https://news.bloomberglaw.com/us-law-week/new-sec-rules-add-challenges-in-uncertain-cyber-insurance-market

     

    Return To KnowBe4 Security Blog

    A Master Class on IT Security: Roger Grimes Teaches Ransomware Mitigation

    Cyber-criminals have become thoughtful about ransomware attacks; taking time to maximize your organization’s potential damage and their payoff. Protecting your network from this growing threat is more important than ever

    RogerMasterClass-FeatureImage (1) (1)
    Join Roger Grimes, Data-Driven Defense Evangelist at KnowBe4,  for this thought-provoking webinar to learn what you can do to prevent, detect, and mitigate ransomware. You'll learn:

    • How to detect ransomware programs, even those that are highly stealthy 
    • Official recommendations from the Cybersecurity & Infrastructure Security Agency (CISA)
    • The policies, technical controls, and education you need to stop ransomware in its tracks
    • Why good backups (even offline backups) no longer save you from ransomware

    Watch Now

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://info.knowbe4.com/ransomware-master-class

    Topics: Ransomware

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews