Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    The U.S. Government Blaming Cyber Attacks on Russia May Cost One Business $100 Million

    putin-1Governments attributing cyberattacks to specific countries usually ends in nothing more than a line in a news story. But sometimes these kinds of claims can have unforeseen consequences.

    The $100 Million insurance coverage lawsuit between Mondelez, the owner of brands such as Oreos and Nabisco, and Zurich Insurance group is apparently being impacted by statements made from the U.S. Government.

    Back in 2017, NotPetya attacks decimated Mondelez operations. So, Mondelez filed a $100 million claim on its insurance policy with Zurich Insurance Group. But Zurich denied the claim, using an exclusion in the policy for “hostile or warlike action in time of peace or war.” The lawsuit is the result of that denial.

    What makes this more complicated is that, in order to win the lawsuit, Zurich needs to prove the attack was warlike in nature. But when the U.S. White House makes an official statement calling the attack, “part of the Kremlin’s ongoing effort to destabilize Ukraine and demonstrates ever more clearly Russia’s involvement in the ongoing conflict”, statements like these (there have been a number made by different Western governments) give Zurich the ammunition they need as the basis for their case.

    Even with statements like this, there is no proof given by any governments to substantiate the claims. So, the outcome of the lawsuit is unclear.

    But, what is clear, is that governments should be careful when making broad statements – they clearly have ramifications that impact businesses, employees, and families.

    What’s also clear is that organizations cannot simply rely on the fact that they have cyber insurance in lieu of putting a proper security strategy in place. The safety net of a policy rests on the attack specifics – as is indicated by this story.

    Organizations need a proactive, layered security strategy that focuses on the attack surface, which includes solutions like endpoint protection, web, email, and DNS scanning, Security Awareness Training, privileged account management, and multi-factor authentication.

    Find out how affordable new-school security awareness training is for your organization. Get a quote now.

     
    Get A Quote
    Request A Demo
     

     

    Return To KnowBe4 Security Blog

    Topics: Cybercrime

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe To Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews