Wave Systems Corp. (fka WAVXQ)

[Genz2]

Majority of UK firms not insured for data breaches

https://www.computerweekly.com/news/252447970/Majority-of-UK-firms-not-insured-for-data-breaches

Many UK firms are not insured against information security breaches and data loss, and would have to spend £1m on average to recover from a breach, a report reveals

Only a third of UK organisations have insurance that covers them for security breaches and financial impact of data loss, a survey shows.

The survey also shows that only 29% of firms have dedicated cyber insurance in place, despite 81% of senior executives polled saying it is “vital” their organisation is insured against data breaches, according to the Risk:Value 2018 report by NTT Security.

However, the survey, conducted by Vanson Bourne, also shows that nearly half of senior executives are not aware of what their company insurance covers.

The report, which looks at the attitudes of 1,800 global senior decision-makers from non-IT functions to risks to the business and the value of information security, reveals that UK businesses would have to spend £1m, on average, to recover from a breach.

While the UK compares poorly with other markets such as the US and Singapore (53%) when it comes to insuring against information security breaches and data loss, it fares better than Benelux (27%) and the Nordics (23% in Sweden and 28% in Norway).

The UK also ranks second from last for having dedicated cyber insurance, alongside Germany (29%) and just above Benelux (27%).

Just 6% of UK respondents said their company insurance covers only information security breaches, while 11% are covered only for data loss. However, the fact that nearly half (45%) of those surveyed do not know if their company insurance covers either of these is a concern, the report said, given that it is the highest figure for any of the countries in the report and well above the global average of 23%.

Kai Grunwitz, senior vice-president for Europe at NTT Security, said: “With estimated annual losses from cyber crime now topping $400bn (£291bn), according to the Center for Strategic and International Studies, you would hope more organisations would be beating a path to insurers’ doors. But while the insurance sector is certainly seeing growth in the number of policies being taken out to cover such losses, it’s an issue that many senior decision-makers are not on top of.”

According to figures, the number of insurers now offering cyber insurance via Lloyd’s of London has leapt to more than 70, nearly double the number a few years ago, while insurance giant Allianz predicts that global cyber insurance premiums will grow to $20bn by 2025, up from around $3bn to $4bn currently.

According to the NTT Security report, half of respondents in UK organisations believe a failure to maintain or apply updates to existing IT systems would or could invalidate their company insurance, while 37% point to lack of compliance with industry regulations, including the General Data Protection Regulation (GDPR), which came into force in May.

While 63% of respondents in the UK said they have an incident response plan in place, and another 18% are in the process of implementing one, 38% agreed that the lack of an incident response plan could or would also invalidate their company insurance.

Incident response is a basic requirement of best practice security and is even more important with the GDPR mandating 72-hour notifications following a breach, the report notes, adding that the GDPR and Network and Information Systems (NIS) Directive both require organisations in one way or another to follow best practices in cyber security, threatening huge fines of up to £17m or 4% of global annual turnover for non-compliance.

“While cyber risk insurance should be put in place to help mitigate the potential fallout of a data security breach, a policy must not be seen as a ‘get out of jail free’ card,” said Grunwitz.

“Cyber insurance must be complementary to an effective risk-based information security strategy, not a replacement for it. You wouldn’t expect your house insurance provider to pay out if you were burgled when the doors and windows were left unlocked. So don’t expect a payout – or indeed an insurance policy – if you haven’t put in place the right processes and policies,” he said.
================================================================
Wave Announces 5-Year Master License Agreement for Virtual Smart Card 2.0 with Leading Global Financial Services Company

Wins competitive evaluation against market leader in two-factor authentication tokens

https://www.wavesys.com/buzz/pr/wave-announces-5-year-master-license-agreement-virtual-smart-card-20-leading-global

Lee, MA -

December 17, 2015 -

Wave Systems Corp. (NASDAQ: WAVX) announces a five-year master licensing agreement (MLA) with a leading global corporation (as determined by the 2015 Fortune Global 500 List) for its Virtual Smart Card 2.0 solution. This MLA sets the terms and pricing for licenses and maintenance across the customer’s global organization and establishes it as their preferred two-factor authentication solution. Instead of one large license purchase for the entire organization, each of the customer’s subordinate divisions will make separate orders in accordance with the terms of this MLA.

The first purchase of 2,000 VSC 2.0 licenses under this agreement, when added to a previous purchase, completes the requirement for the customer’s global IT division. That division will now lead the internal effort to standardize the remaining 150,000+ endpoints within their organization with the new Wave VSC 2.0 solution. While there are no minimum order requirements under the agreement, discussions for additional orders are underway.

“Our five-year agreement with this customer is the first very large scale contract for VSC 2.0 and is an important milestone for Wave,” said Bill Solms, President and CEO of Wave Systems. “This customer is a major global financial services company and their standards for protecting their systems from unauthorized access and the integrity of their data are of the highest order. Wave had to pass a very rigorous technical and business review to win the competition. We believe that this client’s decision to choose Wave Virtual Smart Card 2.0 over their incumbent solution gives us tremendous credibility in the two-factor authentication market. We will remain engaged with this company in order to complete the additional sales and deployments in the months ahead.”

Wave Virtual Smart Card 2.0 is a tokenless, hardware-based, two-factor authentication solution that offers superior security at less than half the cost of comparable solutions. It is the industry’s only enterprise-grade virtual smart card management solution that works on Windows 7, 8 and 10. It also provides management support for the Microsoft Virtual Smart Card on Windows 8 and 10. Wave’s VSC solution emulates the functionality of physical smart cards or tokens, but offers greater convenience to users, significantly lower total cost of ownership, and a greatly reduced risk of unauthorized access.

Wave Virtual Smart Card 2.0 gives IT the ability to:
• Remotely create and delete virtual smart cards
• Provide help desk-assisted recovery
• Configure Passphrase and card policies
• View the status of virtual smart cards and enrolled certificates
• Generate reports for compliance
• Support virtual smart cards on laptops, tablets and desktops with both TPM 1.2 and TPM 2.0 security chips

For more information, visit: Wave Virtual Smart Card 2.0
==================================================================
If this global financial services company sells cyber insurance, it would seem to make sense to pass this agreement information along to its potential cyber insurance customers. Or for Wave to show prospective large companies this agreement who still have two factor authentication like Securid. imo. See the link below for a description of Wave VSC 2.0 and its advantages.
================================================================
https://www.wavesys.com/products/wave-virtual-smart-card