Cyber Events Increase for Oil and Gas Orgs, Now Planning Should, Too

More oil and gas organizations (60 percent) reported “significant” cybersecurity events in 2017, up from 41 percent the previous year, according to Ernst & Young’s Global Information Security Survey, but just 17 percent feel comfortable detecting sophisticated cyberattacks.

Nearly all respondents (95 percent) say their cybersecurity efforts meet their organizational needs, even as the urgency is increasing. Greater adoption of connected devices in the industrial sector means that informational and operational technology have collided. With the industrial sector a key part of many supply chains, the time for attention to cyber-physical risks is now. The report indicated that while efforts to steal intellectual property, data, or finances have dropped for oil and gas organizations, malware and phishing efforts are on the rise.

Read more at https://www.advisenltd.com/2018/01/22/cyber-events-increase-oil-gas-orgs-now-planning/

Erin Ayers, Cyber events increase for oil and gas orgs, now planning should, too (January 22, 2018).

This story in an excerpt of the original. The content originally appeared in Advisen Cyber Front Page News.

Social Engineering Scams Prompt Coverage Litigation, Crime Policy Changes

Recent court decisions have offered conflicting views on whether and how crime insurance policies should respond to social engineering scams, reflecting an ongoing industry discussion on how best to handle this rising tide of crime.

In late July, the United States District Court for the Southern District of New York ruled that the “funds transfer fraud” provision in a crime policy issued to Medidata Solutions by Federal Insurance, a Chubb subsidiary, would cover the loss of funds due to spoof emails directing a wire transfer. In a similar case decided Aug. 1, American Tooling Center v. Travelers, the United States District Court for the Eastern District determined that the “computer fraud” provision of a Travelers policy would not cover a similar social engineering scam.

Read more at https://www.advisenltd.com/2017/08/10/social-engineering-scams-prompt-coverage-litigation-crime-policy-changes/

Erin Ayers, Ransomware attacks jump 50 percent, but accidental breaches a ‘major problem’ (August 3, 2017), available with subscription at Advisen Cyber Front Page News.

Data-Incident Trends Revealed by BakerHostetler Report

Humans still account for nearly a quarter of all data security incidents, but an analysis of more than 300 incidents by one law firm revealed the leading causes of cases in 2015 was phishing, hacking or malware.

The new report from BakerHostetler appears to confirm several other observations from within the cyber landscape that phishing and malware are becoming increasingly prevalent. While human error ranked as the leading cause of incidents in 2014, in 2015 employee action/mistake dropped to second at 24 percent.

Read more at http://www.advisenltd.com/2016/04/04/data-incident-trends-revealed-by-bakerhostetler-report/

Chad Hemenway, Data-incident trends revealed by BakerHostetler report (April 4, 2016), available with subscription at Advisen Cyber Front Page News.