Cyberisques NEWS: Business-Ransomware Cyberinsurance Notes 2016






Cyberinsurance Notes:  2015 / 2016 




2016: Business-Ransomware is big business



"According to the FBI's Internet Crime Complaint Center (IC3), more than 992 CryptoWall-related complaints were received between April 2014 and June 2015. During that period, victims reported more than $18 million in losses."

(cf BONUS) 







Last year, the personal data of tens of millions of JPMorgan Chase & Co. customers were compromised in a breach. The bank spent $250 million on cybersecurity in 2014 and will increase that to $450 million by next year, S&P said. ( )




In June 2014, the FFIEC launched its Cybersecurity Web Page ( and took several steps to raise awareness of cybersecurity risks at financial institutions. (



But one initially rare insurance product has become far more common: hack coverage. Inga Beale, the CEO of Lloyd’s, which manages a clearinghouse for insurance policies, said that demand for cyber insurance has grown considerably in recent years. Last year, the insurance industry took in $2.5 billion in premiums on policies to protect companies from losses resulting from hacks. That was up from around $2 billion a year before, and less than $1 billion two years before that.








Corporate PR Announcement:


Moody's: Threat of cyber risk is of growing importance to credit analysis


Global Credit Research - 23 Nov 2015

New York, November 23, 2015 -- The threat of cyber attacks continues to rise across all sectors, and the implications could start taking a higher priority in credit analysis, according to Moody's Investors Service in a new report. Moody's views material cyber threats in a similar vein as other extraordinary event risks, such as a natural disaster, with any subsequent credit impact depending on the duration and severity of the event.

"Cyber risk means different things for different sectors," says Jim Hempstead, Moody's Associate Managing Director and lead author of the report. "While we do not explicitly incorporate cyber risk as a principal credit factor today, our fundamental credit analysis incorporates numerous stress-testing scenarios, and a cyber event could be the trigger for one of those stress scenarios."

As computer networks and internet connectivity expand into new devices and services, and as more data becomes mobile, corporations and organizations will prioritize cyber risk mitigation through enhanced governance activities and investment in cyber defense. According to the report, "Cyber Risk of Growing Importance to Credit Analysis," security challenges will remain due to the constant evolution of cyber threats.

Assessing how prepared an issuer or organization is for a cyber threat presents challenges, owing to the complexity of the problem. Across all sectors, however, cyber risk is becoming an important priority.

In the report, Moody's identifies several key factors to examine when determining a credit impact associated with a cyber event, including the nature and scope of the targeted assets or businesses, the duration of potential service disruptions and the expected time to restore operations.

"More cyber security expertise is being added to boards and trustee governance," says Hempstead. "We expect many issuers will create distinct cyber security subcommittees, which is a material credit positive."

Moody's says that industries which house significant amounts of personal data, such as financial institutions, health care entities, higher education organizations and retail companies are at greatest risk to experience large-scale data theft attacks resulting in serious reputational and financial damage.

Other sectors considered critical infrastructure such as electric utilities, power plants, or water and sewer systems are more exposed to attacks that could lead to large-scale service disruption, causing substantial economic -- and possibly environmental -- damages to sovereign, state and local governments or utilities. However, Moody's believes such an attack would elicit immediate government intervention to restore operations, resulting in lower potential credit risk.

The report also looks at varying types of cyber threat actors and their motives, including nation state espionage groups, criminal enterprises, hacktivists and terrorists.

The report "Cross Sector -- Global: Cyber Risk of Growing Importance to Credit Analysis" is available to Moody's subscribers at



Websense report 2016:





Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser.  




Les dossiers de Cyber Risques News

CYBERISQUES.COM premier service de Veille "Business & Cyber Risks" pour les dirigeants et membres des COMEX/CODIR

Renseignements   Cette adresse e-mail est protégée contre les robots spammeurs. Vous devez activer le JavaScript pour la visualiser.



Informations supplémentaires