Insights

Every day, Kivu engages with clients recovering from devastating ransomware attacks. Usually, that entails discussing a client’s recovery needs with its insurer to determine whether recovery can be reimbursed. Kivu's Vice President of Advisory Services, Adam Tyra's most recent article dives into the concept of "betterment" and offers guidelines to define "betterment".

Join Kivu Consulting's Director of Incident Response, Candice Wendt for an interview with King & Spalding's Chief Privacy Officer and Data, Privacy, and Security Practice Lead, Phyllis Sumner.

There are many vulnerabilities that criminals can exploit for a ransomware event, and organizations must account for them all. Well-known tactics like phishing and brute force attacks receive the most attention. However, more obscure threats like “malvertising” can also become the organization’s Achilles heel.

The Russian conflict against Ukraine brought devastating impacts for both nations.  Beyond the initial tragedy, as fighting continues and sanctions sink in, government and industry can expect cascading implications of a global magnitude.  Those implications include greater cyber risk. What does that mean for paying ransom demands?

In the wake of Russia's invasion into Ukraine, some have suggested that the United States might respond with cyberattacks against Russia. While a preemptive cyberattack on another nation is a jarring proposal, it certainly isn't new. 

While far from the front lines, US companies clearly have an increased cyber risk from the Russian instigated conflict against Ukraine.  After Russian military hackers carried out intensive cyberattacks against several of Ukraine’s banks and government websites, Britain's National Cyber Security Centre (NCSC) warned of potential cyberattacks with "international consequences."

As employers allow more employees to work from home, safeguarding company networks continues to be a challenge. To mitigate the increased risk from phishing campaigns targeting remote workers, many companies have adopted two-factor authentication (2FA).

In the digital age, loss of access to business technology has the potential to destroy overnight what a company has spent decades building.

On December 9, 2021, an exploit proof-of-concept was made publicly available for a vulnerability in open-source logging utility, Apache Log4j versions 2.14.1 and below. This exploit, CVE number 2021-44228, allows attackers to force vulnerable applications to remotely run arbitrary code without authentication, resulting in a complete compromise of the application and the system running the application. 

Kivu’s Post Breach Remediation team has excelled at restoring normal IT operations for clients in the wake of ransomware attacks, routinely getting systems back online in hours or days. But response at this speed has one very significant drawback- the risk of recurrence.

Clive Cully, UK Director joined experts from Marsh and Microsoft for a webinar discussing the Changing Face of Cyber Claims report, which provided insights into managing and mitigating cyber risk and claims.

The FinCEN and OFAC advisories offer a warning to all those providing ransomware response services or insurance coverage for ransomware payments.