In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. In the first segment, we talk with Thomas Harvey of the firm RMS about the problem of “silent cyber” risk to insurers and how better modeling of cyber incidents is helping to address that threat. In part II, we invite Chip Block of the firm Evolver back into the studio to talk about the challenge that “converged” cyber physical systems pose to insurance carriers as they try to wrap their arms around their exposure to cyber risk. Editor’s note: as an experiment this week, we’re posting each interview as a separate download, to see if that makes it easier for listeners to jump to the content they’re most interested in. Use the comments section or Twitter (@securityledger) to let us know what you think or whether you prefer the single download!
In-brief: An EU Court’s ruling invalidating a 15 year old safe harbor agreement between the US and EU leaves companies with a myriad of choices about how to respond – none of them good.
In-brief: Rapid advancement in the market for cyber insurance is poised to transform a cyber security market based on FUD (fear, uncertainty and doubt) to one based on hard numbers and risk. Consider yourself warned!
The five most feared words in the IT support person’s vocabulary are “This. Page. Can’t. Be. Displayed.” And yet, the growth of Service Oriented Architecture (SOA) based enterprises in the past eight years means that these dreaded words show up more and more, as services from different developers and vendors are consumed by larger, up stream platforms and and integrated to provide new capabilities. In this kind of environment, “This Page Can’t Be Displayed” is a cry for help: the first indication of a problem. For enterprise support personnel, that message is often the first step in a long journey complete with Sherlock Holmes-style sleuthing to try to find which service along an orchestrated chain is the bad actor. And, unfortunately, when an application is being attacked or gets hacked, support personnel may not even have an error message to go on. In both cases, the major roadblock for support and incident response staff is that application developers or development […]