Sony has a $60 million Cyber Insurance policy

Uploaded on 2015-01-18 in TECHNOLOGY--Hackers, FREE TO VIEW

Sony Pictures Entertainment holds $60 million in Cyber insurance with Marsh, according to documents leaked by the group claiming responsibility for the attack on the movie studio.
The documents, covered in detail by Steve Ragan at CSO, say that after sonypictures.com was breached in 2011, Sony made a claim of $1.6 million with Hiscox, its Cyber provider at the time. The insurer declined to quote at renewal, so Sony Pictures turned to Lockton, which brokered a $20 million policy that included $10 million in self-insured retention.

Around April 1 of this year, Sony moved its Cyber policy to AIG, when it acquired $10 million in coverage. This policy, effective until April 1, 2015, overlaps with its existing coverage, Ragan writes. In May, the movie studio turned to a new insurance broker, Marsh, which reached out to Brit Insurance, Liberty International Underwriters, Beazley and other carriers to secure upward of $60 million in coverage.

Policy details say that the studio consolidated coverage with Sony Corporation of America, with a $5 million retention at an annual cost of $356,963. The policy includes security and privacy liability coverage, as well as event management, network interruption, cyber extortion and regulatory action.

Apple customers in the US and Canada can now buy the film for $14.99 via Apple’s digital media store, a move that at least extends the devices that you can watch it on to iOS, Apple TV and OSX. Other places it can be viewed or bought include Sony’s own site, YouTube, Xbox and Google Play.

Now the hackers who compromised Sony Pictures Entertainment’s servers, are releasing private files and emails to the public which detailed everything from the personal, financial and medical data of present and past employees and much more, are now threatening a “news media organization,” according to a new report. That organization may be CNN, based on information posted on anonymous sharing site Pastebin.

The Intercept today published a join memo from the FBI and the Department of Homeland Security it obtained which says the hacking group, known as the “Guardians of Peace,” have threatened to attack a U.S. new media organization, and the threat “may extend to other such organizations in the near future.”

The memo doesn’t state the news media organization by name, but instead references Pastebin messages that taunt both the FBI and “USPER2,” which is how the FBI’s memo referenced the news media organization. The memo only mentioned the news organization was mocked for the “‘quality’ of their investigations,” and an additional threat was implied.

PropertyCasualty360: http://nyti.ms/1w0Bqv4

TechCrunch: http://tcrn.ch/1OKZQ5Z

TechCrunch: http://tcrn.ch/1YxmV6B

 

« Dark Web thrives despite Operation Onymous
Coming Soon. How Surveillance and Privacy will Overlap in 2025 »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Mixed Mode

Mixed Mode

Mixed Mode is a specialist in embedded and software engineering for applications including IoT and secure embedded systems.

CybergymIEC

CybergymIEC

CybergymIEC is a global leader in cyber defense solutions and training services.

DNV

DNV

DNV are the independent expert in assurance and risk management. We deliver world-renowned testing, certification and technical advisory services.

KayHut

KayHut

KayHut is a young, innovative company engaged in cyber research and security solutions.

Cyberlitica

Cyberlitica

Cyberlitica (formerly iPhish) provides a Workforce Threat Intelligence application that significantly augments companies’ cyber threat prevention efforts.

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER) - USA

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER) - USA

The Office of Cybersecurity, Energy Security, and Emergency Response (CESER) addresses the emerging threats of tomorrow while protecting the reliable flow of energy to Americans today.

Cyber Security Austria (CSA)

Cyber Security Austria (CSA)

Cyber Security Austria (CSA) is an independent non-profit association with the aim to address security issues in the area of IT/cyber security of critical/strategic infrastructures in Austria.

Industrial Cybersecurity Center (CCI)

Industrial Cybersecurity Center (CCI)

CCI is the first center of its kind that comes from industry without subsidies, independent and non-profit, to promote and contribute to the improvement of Industrial Cybersecurity.

Korn Ferry

Korn Ferry

Korn Ferry is a global organizational consulting firm, synchronizing strategy and talent to drive superior performance for our clients in key areas including cybersecurity.

Dataships

Dataships

We help companies automate their privacy compliance while building healthy, transparent data relationships with their customers.

Visory

Visory

Great businesses depend on great technology. We make sure our clients go to market with enterprise-level technology and world-class security for their data and infrastructure.

Clearnetwork

Clearnetwork

Clearnetwork specializes in managed cybersecurity solutions that enable both public and private organizations improve their security posture affordably.

Secrutiny

Secrutiny

Scrutiny's core services include Cyber Maturity, Cyber Risk Analyser, Cyber Controls, Incident Response, SOC, Cyber Recovery and Assurance Testing.

Armolon

Armolon

Armolon provides comprehensive data breach and cybersecurity, as well cybersecurity audits and certifications, and disaster recovery/business continuity services to clients.

Sri Lanka CERT

Sri Lanka CERT

Sri Lanka CERT is the National Centre for Cyber Security, which has the national responsibility of protecting the nation’s cyberspace from cyber threats.

Corinium Global Intelligence

Corinium Global Intelligence

At Corinium, we have been bringing together the brightest minds in data, AI and info sec since 2013, to innovate at the intersection of technological advancements and critical thinking.