Cybersecurity is front and center now, especially for the financial services industry which includes insurance and reinsurance companies, among others. States and regulators are passing laws and promulgating regulations designed to protect customer data in the possession of insurers and their associates. These new statutes and regulations aimed at the insurance industry are in addition to the myriad of other requirements imposed by government for the protection of this data.
Aaron J. Aisen, co-chair of the regulatory sub-practice group in the Global Insurance Services Practice Group and a member of the Cybersecurity and Data Privacy Practice Group at Goldberg Segalla recently gave a webinar entitled: Navigating the Legal Landmines of Cybersecurity Regulation. The webinar can be heard on Vimeo.
This webinar covers the history of cybersecurity in the insurance space and provides a framework for navigating the potential regulatory landmines based on lessons learned from the implementation of the New York cybersecurity regulation for financial institutions. The framework consists of three principles: 1) Identifying what applies to whom; 2) Identifying who is doing what; and 3) Getting the message out to employees. This webinar also briefly touches on the other regulations that could affect the cybersecurity programs of those in the insurance space. Finally, a proactive approach to creating a cybersecurity program to ensure compliance with the myriad of regulations is recommended. While this webinar focuses on the insurance space, the framework presented is also instructive for other industries.