The U.S. Government Blaming Cyber Attacks on Russia May Cost One Business $100 Million

Stu Sjouwerman | Jan 17, 2019

Government attribution of cyberattacks to specific countries usually ends in nothing more than a line in a news story. But sometimes these kinds of claims can have unforeseen consequences.

The $100 million insurance coverage lawsuit between Mondelez, the owner of brands such as Oreos and Nabisco, and Zurich Insurance Group is apparently being impacted by statements made by the U.S. Government.

Back in 2017, NotPetya attacks decimated Mondelez operations. So, Mondelez filed a $100 million claim on its insurance policy with Zurich Insurance Group. But Zurich denied the claim, using an exclusion in the policy for “hostile or warlike action in time of peace or war.” The lawsuit is the result of that denial.

What makes this more complicated is that, in order to win the lawsuit, Zurich needs to prove the attack was warlike in nature. But the U.S. White House has made an official statement calling the attack “part of the Kremlin’s ongoing effort to destabilize Ukraine and demonstrates ever more clearly Russia’s involvement in the ongoing conflict”. Statements like these (there have been a number made by different Western governments) give Zurich the ammunition it needs as the basis for its case.

Even with statements like this, no government has given any proof to substantiate the claims. So, the outcome of the lawsuit is unclear.

But what is clear is that governments should be careful when making broad statements – such statements clearly have ramifications that impact businesses, employees, and families.

What’s also clear is that organizations cannot simply rely on having cyber insurance in lieu of putting a proper security strategy in place. The safety net of a policy rests on the attack specifics – as this story indicates.

Organizations need a proactive, layered security strategy that focuses on the attack surface, which includes solutions like endpoint protection, web, email, and DNS scanning, Security Awareness Training, privileged account management, and multi-factor authentication.



Topics: Cybercrime
