Faced with the risk of cyberattacks, the prospect of losing data and the potential for large fines, the private sector has turned to the insurance industry to protect against losses arising from all manner of information security incidents. Research from CFC Underwriting shows a 50% growth in demand for cyberinsurance last year and the firm expects continued high demand for cyber insurance products in 2017.

The cyberinsurance industry is growing quickly as a result. Allianz estimates…

In the fast moving world of cyber security incident response, the challenge is to rapidly identify and stay ahead of the threat. Incident responders must move faster, be more agile, have longer stamina than the attacker. Additionally they must also be more responsive than the attacker or malware can morph and be concealed. In the world of small networks (1-100 nodes), this is not a particularly oppressive challenge with the old methodologies, tools, and procedures. In midsize to large-scale…

This article gives a 5 principal steps and questions one must solicit the emergency from the cyber security incident response steps. This includes the incident, the control points, plan of action, communication, business impacts.…

The new Spora ransomware strain has now been dissected by more malware researchers and the team from G Data discovered that Spora uses an "innovative" way to spread itself via USB sticks. This strain is highly sophisticated and could become the "New Locky". 

Spora has well-implemented encryption procedures that do not need a Command & Control server, a user-friendly payment site, choice of different “packages” that victims can opt for including immunity from future attacks, and…

Ransomware is a type of malware that encrypts everything on your system with a cryptographic algorithm and holds that encrypted data hostage for ransom. It demands the user to pay for the decryption key. There are two types of ransomware. The first type encrypts all data on the system and renders it nearly impossible to decrypt without the key. The second type simply locks the system and demands to enter the key for data decryption but does not encrypt data itself.…