Sony has a $60 million Cyber Insurance policy

Sony Pictures Entertainment holds $60 million in Cyber insurance with Marsh, according to documents leaked by the group claiming responsibility for the attack on the movie studio.
The documents, covered in detail by Steve Ragan at CSO, say that after sonypictures.com was breached in 2011, Sony made a claim of $1.6 million with Hiscox, its Cyber provider at the time. The insurer declined to quote at renewal, so Sony Pictures turned to Lockton, which brokered a $20 million policy that included $10 million in self-insured retention.

Around April 1 of this year, Sony moved its Cyber policy to AIG, when it acquired $10 million in coverage. This policy, effective until April 1, 2015, overlaps with its existing coverage, Ragan writes. In May, the movie studio turned to a new insurance broker, Marsh, which reached out to Brit Insurance, Liberty International Underwriters, Beazley and other carriers to secure upward of $60 million in coverage.

Policy details say that the studio consolidated coverage with Sony Corporation of America, with a $5 million retention at an annual cost of $356,963. The policy includes security and privacy liability coverage, as well as event management, network interruption, cyber extortion and regulatory action.

Apple customers in the US and Canada can now buy the film for $14.99 via Apple’s digital media store, a move that at least extends the devices that you can watch it on to iOS, Apple TV and OSX. Other places it can be viewed or bought include Sony’s own site, YouTube, Xbox and Google Play.

Now the hackers who compromised Sony Pictures Entertainment’s servers, are releasing private files and emails to the public which detailed everything from the personal, financial and medical data of present and past employees and much more, are now threatening a “news media organization,” according to a new report. That organization may be CNN, based on information posted on anonymous sharing site Pastebin.

The Intercept today published a join memo from the FBI and the Department of Homeland Security it obtained which says the hacking group, known as the “Guardians of Peace,” have threatened to attack a U.S. new media organization, and the threat “may extend to other such organizations in the near future.”

The memo doesn’t state the news media organization by name, but instead references Pastebin messages that taunt both the FBI and “USPER2,” which is how the FBI’s memo referenced the news media organization. The memo only mentioned the news organization was mocked for the “‘quality’ of their investigations,” and an additional threat was implied.

PropertyCasualty360: http://nyti.ms/1w0Bqv4

TechCrunch: http://tcrn.ch/1OKZQ5Z

TechCrunch: http://tcrn.ch/1YxmV6B

 

« Dark Web thrives despite Operation Onymous
Coming Soon. How Surveillance and Privacy will Overlap in 2025 »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Security Audit Systems

Security Audit Systems

Security Audit Systems is a website security specialist providing website security audits and managed web security services.

Thermo Systems

Thermo Systems

Thermo Systems is a design-build control systems engineering and construction firm. Capabilties include industrial control system cybersecurity.

Ezenta

Ezenta

Ezenta is a Danish IT security consulting firm.

Certego

Certego

Certego is a company of the VEM Sistemi Group specialised in providing managed computer security services and to combat Cyber Crime.

Build38

Build38

Build38 provides the highest levels of security for mobile applications.

DAkkS

DAkkS

DAkkS is the national accreditation body for Germany. The directory of members provides details of organisations offering certification services for ISO 27001.

Cyber Security Cloud (CSC)

Cyber Security Cloud (CSC)

Cyber Security Cloud provides web application security services worldwide using world's leading cyber threat intelligence and AI technology.

Sovereign Intelligence

Sovereign Intelligence

Sovereign Intelligence provides automated insight into the relative intensity of hidden Cyber, Brand, and Financial Risks to your company.

Precursor Security

Precursor Security

Precursor Security are information security specialist, delivering all aspects of Security testing, Cyber Risk Management, and Continuous Security Testing.

Wabbi

Wabbi

Wabbi’s continuous security platform centralizes, automates and orchestrates security governance and vulnerability management to empower development teams to own appsec.

CaseMatrix

CaseMatrix

Discover a new era of legal intelligence with CaseMatrix. We identify potential class action cases arising from cyber incidents and data breaches.

HIFENCE

HIFENCE

HIFENCE delivers cybersecurity and networking services that make your company safer and more secure. That’s all we do, so you can concentrate on all the things that you do best.

Telenor Cyberdefence

Telenor Cyberdefence

Telenor Cyberdefence is a newly established (2024) cloud-born Managed Security Service Provider focused on the Nordic markets.

Twilio

Twilio

Twilio are the customer layer for the internet, powering the most engaging interactions companies build for their customers. We provide simple tools that solve hard problems.

Vortacity Cyber

Vortacity Cyber

Vortacity is a boutique cybersecurity provider specializing in associations, nonprofits, and mission-based organizations.

Security Mind

Security Mind

Security Mind is an innovative Cyber Security Awareness program that aims to increase the awareness of each member of the organization and develop the ability to recognize potential cyber threats.