Data Security

The Chubb Index highlights the importance of taking more protective steps against cyber attacks by the professional services industry

prnewswire | November 24, 2020

In the most recent version of the Chubb Cyber InFocus Report, Chubb information uncovers that the expert administrations industry need to take more proactive and defensive measures against potential digital assaults. Chubb has seen a 10% expansion in digital occurrences identifying with proficient administrations organizations. These are generally email-driven associations, which means there are numerous open doors for workers to tap on noxious connections, driven by email phishing.

"Most cyber attacks are coming from outside the company, leaving businesses at greater risk in the current work-from-home environment," said William A. Wise, Head of Chubb Cyber North America. "Due to the rise in incidents resulting from email phishing, employers with remote employees need to take additional steps to protect their companies against cyber threats."

For example, companies should use multifactor authentication for protected data and to keep software and applications up-to-date.

In addition to highlighting risks within the professional services industry, the latest Cyber InFocus report also examines:

Changes in cyber vulnerability by industry since 2016.
Breach sources over the last four years showing an increase in threats by external actors, including malware attacks.
Cyber crime examples in the most vulnerable industries, how they were exposed and what was learned in the process.

"As cyber incidents continue to evolve in complexity and focus, it's critically important that companies understand how cyber-and privacy-related incidents affect their organizations," added Anthony Dolce, Vice President, Cyber Lead, Chubb North America Financial Lines Claims. "The Cyber InFocus Report is a timely tool to help agents, brokers and companies understand the latest trends on cyber threats, helping to prevent issues from happening in the first place."

Chubb's Cyber InFocus report, which previously dispatched in mid 2018, gives experiences into the impacts of digital dangers and patterns on explicit enterprises or business portions each quarter. Such knowledge depends on Chubb's utilization of outsider exploration, just as exclusive cases information from over twenty years of protecting associations against developing digital dangers.
About Chubb Cyber:
Chubb is a leader in insuring cyber risk. Combining industry-leading underwriting and expert third-party incident response services, Chubb offers policies that are tailored to the specific needs and risks of its clients to ensure they are ready with the tools and expertise necessary should a cyber incident occur. Moving swiftly to connect clients with the proper parties to minimize data loss is only part of what Chubb delivers. Keeping an eye on the ever-evolving cyber security landscape, Chubb looks for ways to do more for its clients by offering cutting-edge products and holistic services to every client.

About Chubb
With operations in 54 countries and territories, Chubb provides commercial and personal property and casualty insurance, personal accident and supplemental health insurance, reinsurance and life insurance to a diverse group of clients. As an underwriting company, we assess, assume and manage risk with insight and discipline. We service and pay our claims fairly. The company is also defined by its extensive product and service offerings, broad distribution capabilities, exceptional financial strength and local operations globally. Parent company Chubb Limited is listed on the New York Stock Exchange (NYSE: CB) and is a component of the S&P 500 index. Chubb maintains executive offices in Zurich, New York, London, Paris and other locations, and employs approximately 33,000 people worldwide.

Spotlight

The reality of email is that cybercriminals can use almost any brand or email domain to send spam, phishing emails, and malware installs, inflicting direct losses to customers and eroding the brand equity companies have spent years building up. The solution is DMARC, which allows companies to understand all the different mail st

Spotlight

The reality of email is that cybercriminals can use almost any brand or email domain to send spam, phishing emails, and malware installs, inflicting direct losses to customers and eroding the brand equity companies have spent years building up. The solution is DMARC, which allows companies to understand all the different mail st

Related News

Enterprise Security, Platform Security, Software Security

ZeroFox Contributes to Open Source Amass Project to Help Businesses Manage Their External Attack Surface

Globenewswire | July 21, 2023

ZeroFox (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity, highlights its recent contributions to the OWASP Amass Project in an ongoing effort to give businesses and government entities better visibility to their full external attack surface asset ecosystem. The recent additions to the project from the ZeroFox team provide more advanced tool sets for analysts to discover and catalog their internet-facing assets and exposures. The contributions create a new standard framework to lead the industry in a more cohesive approach to attack surface management. As organizations face increasingly sophisticated cyber threats, understanding and managing their external attack surface has become paramount. By leveraging its expertise in external cybersecurity, ZeroFox identified a critical gap in the attack surface management landscape and responded by spearheading the development of the Open Asset Model and Asset Database within the OWASP Amass Project. The Open Asset Model and Asset Database contributions offer security analysts a unified and structured approach to identifying and managing potential vulnerabilities outside the perimeter. The Open Asset Model provides a new standard for asset definitions, representing a comprehensive framework for describing and categorizing diverse internet-facing assets. The Amass community can quickly adapt the model to include new types of assets exposed on the Internet, and their relationships to each other, for more accurate discovery, tracking, monitoring, and management. The Asset Database implements this model, offering the database interaction layer to store discovered assets in the popular sqlite3 and PostgreSQL database management systems. The Asset Database will foster the development of an ecosystem of scanning and analysis tools, allowing them to store and analyze assets from the Open Asset Model and their relationships. These contributions directly benefit both existing Amass users and the broader attack surface management community in an effort to standardize asset definitions. The new standards now provide the information security community with a consistent and predictable format when transferring data describing external attack surfaces. "We are thrilled to contribute to the OWASP Amass Project and provide the security community with cutting-edge tools for Attack Surface Management," said Jeff Foley, VP of Research at ZeroFox. "By leveraging the power of open source, we aim to expand access to advanced cybersecurity capabilities, helping organizations proactively defend against emerging threats." These engineering contributions represent a continued commitment by ZeroFox to the open source community, OWASP, and the Amass Project. ZeroFox will continue to contribute to the Amass Project in an effort to enable the discovery, management, and protection of the external attack surface. By sharing its expertise and resources, ZeroFox aims to foster collaboration and innovation within the information security community, ultimately making the digital landscape safer for all users. About ZeroFox ZeroFox (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity, has redefined security outside the corporate perimeter on the internet, where businesses operate, and threat actors thrive. The ZeroFox platform combines advanced AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust portfolio of breach, incident and takedown response capabilities to expose and disrupt phishing and fraud campaigns, botnet exposures, credential theft, impersonations, data breaches, and physical threats that target your brands, domains, people, and assets. Join thousands of customers, including some of the largest public sector organizations as well as finance, media, technology and retail companies to stay ahead of adversaries and address the entire lifecycle of external cyber risks. ZeroFox and the ZeroFox logo are trademarks or registered trademarks of ZeroFox, Inc. and/or its affiliates in the U.S. and other countries. Visit www.zerofox.com for more information.

Read More

Enterprise Identity, Security Audit and Compliance

Malwarebytes Announces Acquisition of Leading Online Privacy Company Cyrus

PR Newswire | August 29, 2023

Malwarebytes, a global leader in real-time cyber protection, announced the acquisition of Cyrus, a disruptive innovator in online privacy solutions. This strategic acquisition reinforces Malwarebytes' commitment to privacy by giving users more control over their information, no matter where or how they choose to browse and interact online. The Cyrus team and technology will also help Malwarebytes strengthen its mobile privacy solutions. "We firmly believe that data privacy is a human right. Hackers, trackers, location data, and even browsing history are information that individuals should control," said Marcin Kleczynski, co-founder and CEO of Malwarebytes. "The innovative technology Cyrus has built will allow us to better advise our customers on the intersection of privacy and security while also providing us the tools to safeguard their personal data and online privacy." "By leveraging Cyrus' cutting-edge technology, we can provide an even more holistic, mobile-first, experience that provides context to when, why and how users may be at risk," said Mark Beare, the General Manager of Malwarebytes' Consumer Business Unit. "The acquisition underscores our mission to provide world-class cybersecurity and privacy solutions and is a logical continuum for our portfolio expansion from Premium Security to Privacy VPN and Browser Guard." The Cyrus technology looks at security and privacy in a new way, exploring the kill chain for consumer threats – considering social media, dark web content and overall online presence to form a correlated view of threats specific to each individual, helping flag early indicators that something is awry. "In an era where the digital landscape is increasingly dangerous for consumers, joining forces with Malwarebytes is a pivotal step toward realizing our mission and vision," said Oren Arar, CEO of Cyrus. "Through this powerful collaboration, we are uniquely positioned to protect millions of people across the world from cybercrime. Our combined strengths will empower individuals to navigate the digital realm with newfound confidence and security." As part of the acquisition, all Cyrus employees joined Malwarebytes, ensuring a seamless transition for customers and continuous innovation in the areas of mobile and online privacy. About Cyrus Founded in 2020 by cybersecurity experts Oren Arar, Jonathan Livneh and Shahak Shalev, Cyrus emerges as a leader in shielding individuals and businesses from the increasing threats of cybercrime and fraud. The platform, crafted to provide an easy and seamless experience, interweaves cutting-edge technology with the battle-hardened insights of its founders. Cyrus stands not only as a guardian but as an ally, resolute in its mission to safeguard the digital journey of its customers. www.cyrus.app About Malwarebytes Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Founded in 2008, Malwarebytes CEO Marcin Kleczynski had one mission: to rid the world of malware. Today, Malwarebytes' award-winning endpoint protection, privacy and threat prevention solutions along with a world-class team of threat researchers protect millions of individuals and thousands of businesses across the globe daily. Malwarebytes solutions are consistently recognized by independent tests including MITRE Engenuity, MRG Effitas, AVLAB and AV-TEST (consumer and business). Customers award Malwarebytes for being the most implementable and most usable endpoint protection product with the best results on G2 and Gartner Peer Insights. The company is headquartered in California with offices in Europe and Asia. For more information and career opportunities, visit https://www.malwarebytes.com.

Read More

Enterprise Security, Platform Security, Software Security

Kivu Launches New Managed Security Services for Cloud and Identity Threat Detection and Response

PR Newswire | August 18, 2023

Kivu Consulting, a premier global cybersecurity solutions provider, is proud to introduce two new managed security services: Cloud Detection and Response and Identity Threat Detection and Response. Powered by CrowdStrike, as part of Kivu and CrowdStrike's elite MSSP partnership, these innovative services are designed to equip clients with new capabilities to address the expanding technology attack surface and continued targeting of digital identities by cyber threats. Cloud Detection and Response: Kivu's Cloud Detection and Response service is a fully managed solution engineered to support cloud and hybrid environments. Key features include: Identification and alerts for cloud accounts, infrastructure misconfigurations, and compliance violations. Detection and prevention of cloud account and control plane threats. Resolution of vulnerabilities and misconfigurations in Cloud workload. Runtime detection and response for container and function-based applications. Identity Threat Detection and Response: Kivu's Identity Threat Detection and Response service integrates seamlessly with Active Directory and cloud-based identity stores to provide: Real-time threat detection using AI-based behavioral analytics for actionable insights. Early identification of threats before systems and data are impacted. Identity scoring and enforcement of robust authentication for risk-based remediation. Implementation of Zero Trust Principles. "As a leading incident response firm, we are observing daily how the threat landscape changes. Remote work has surged post-pandemic, the cloud has become a predominant IT delivery model, and zero trust is a priority," said Gary Alterson, Vice President of Kivu's Managed Security Services. "Our Cloud and identity managed services address modern threats and ensure we are providing the best possible security outcomes for our clients." "The steady increase in compromised credentials magnifies the importance of identity threat protection, and Kivu is determined to address this critical client need," said Shane Sims, CEO of Kivu Consulting. "With the launch of our expanded managed security services, Kivu continues to lead in providing trusted solutions to our clients and cybersecurity ecosystem partners." About Kivu Consulting Kivu is a leading global cybersecurity firm that offers a full suite of pre- and post-incident services, specializing in the forensic response to cyberattacks and ransomware incidents. We deliver cutting-edge cybersecurity solutions to organizations in need and are a trusted cyber incident partner to insurance carriers and law firms worldwide. Visit KivuConsulting.com.

Read More