Insurers Grappling With NY Cybersecurity Regs; More States To Follow – InsuranceNewsNet

InsuranceNewsNet — Your Industry. One Source.ℱ

Sign in
  • Subscribe
  • About
  • Advertise
  • Contact
Home Now reading Top Stories
Topics
    • Life Insurance News
    • Annuity News
    • Health/Employee Benefits
    • Property and Casualty
    • Advisor News
    • Washington Wire
    • Regulation News
    • Sponsored Articles
    • Monthly Focus
  • INN Exclusives
  • NewsWires
  • Magazine
  • Webinars
  • Free Newsletters
Sign in or register to be an INNsider.
  • Exclusives
  • NewsWires
  • Magazine
  • Webinars
  • Free Newsletters
  • Insider Pro
  • About
  • Advertise
  • Editorial Staff
  • Contact
  • Newsletters

Get Social

  • Facebook
  • Twitter
  • LinkedIn
INN Exclusives
Top Stories RSS Get our newsletter
Order Prints
September 6, 2018 Top Stories No comments
Share
Share
Tweet
Email

Insurers Grappling With NY Cybersecurity Regs; More States To Follow

By John Hilton InsuranceNewsNet

Cybersecurity is back in the news as banks, insurers and other financial entities faced another tough compliance hurdle in New York.

The Sept. 4 deadline brought another host of requirements contained within New York's tough cybersecurity initiative approved last year. The New York Department of Financial Services passed its own rules without waiting for state insurance commissioners, who later amended its model law to resemble the New York effort.

“New York stepped into the void and took decisive action to ensure appropriate minimum standards protecting financial institutions’ data systems, including consumers’ sensitive personal information," said Maria T. Vullo, superintendent of the DFS. "These new protections, which include encryption, access controls and audit trails, add crucial tools to the regulation’s prior requirements in protecting the institutions and consumers.”

Related stories

  • Inclusion ‘Is A Sense Of Being At Home,’ Speaker Tells NAIFA
  • Help Business Clients Navigate The Return To In-Person Work

The deadline requires companies to have started mandatory annual reporting to the board by its Chief Information Security Officer on critical aspects of the cybersecurity program, and have an audit trail designed to reconstruct material financial transactions.

Also, companies must implement encryption to protect nonpublic information held or transmitted by the company. There are other requirements as well.

"There are penalties that could apply if you have not taken some of the measures that are defined in this regulation," said Patrick Knight, senior director of cyber strategy and technology for Veriato. "For example, if there is a breach, it’s specified that once a breach is identified you have a 72-hour window to start notifying those affected by it. Well, 72 hours can go by very quickly if you don’t know what you’re doing."

Spreading To Other States

New York might have gone first, but it will not be the last state to tackle cybersecurity regulations. As of May, there were at least 36 other states, including the District of Columbia and Puerto Rico, working on some type of regulation for cybersecurity in financial services, said Ari Vared, senior director of product at CyberPolicy and CoverHound.

"Overall, I think there’s a movement," he added. "Where it stands today is a moving target. Obviously, New York has put the strongest stake in the ground and is leading the way in a lot of ways."

New York found a way to limit the impact on smaller companies through exemptions.

Retail financial advisors with fewer than 1,000 customers, less than $5 million in gross annual revenue and less than $10 million in year-end assets benefit from a “limited exemption,” according to the NYDFS regulations.

But there are no exemptions for third parties doing business as affiliated service providers with banks, insurance companies and distributors.

"The larger organizations have the resources and the money to absorb this and it won’t be a big impact," said Jamie Pickles, general manager of insurance for Jornaya, a marketing and technology consulting company. "Smaller organizations are mostly exempt, so it will be the mid-sized companies that will be impacted the most."

New York regulators say the far-reaching proposal is necessary to protect the public interest. Recent data breaches point to network threats from abroad that are able to penetrate as deep as the U.S. election process.

Not Just Hackers

The cybersecurity regulations cover not just outside hackers. Companies are required to provide oversight of anyone who has access to their data.

"Organizations that are collecting data and have data on people stored in databases, they need to have monitoring of the people who have access to that information to make sure they’re handling it properly," Knight said.

"To make sure that they’re not downloading all of the contents of that database and taking it to a competitor. Or to post it on the dark web. This is the world we live in now."

The New York cybersecurity rules will take full effect in March 2019.

InsuranceNewsNet Senior Editor John Hilton has covered business and other beats in more than 20 years of daily journalism. John may be reached at [email protected]

© Entire contents copyright 2018 by InsuranceNewsNet.com Inc. All rights reserved. No part of this article may be reprinted without the expressed written consent from InsuranceNewsNet.com.

 

 

 

Older

Ohio National To Lay Off 300, Drop Annuity Lines

Newer

Competitors In Line To Profit From Ohio National Dropping Annuities

Advisor News

  • 'Sandwich generation' survey says Americans caring for children and aging parents are financially stressed
  • Jury finds Lexington investment advisor, guilty of charges related to fraud
  • Chicago investment advisor indicted for allegedly swindling clients out of $683,000
  • Will the family maximum limit my Social Security benefits?
  • South Florida resort sold for $835M, biggest deal for a U.S. hotel since pandemic started
More Advisor News

Annuity News

  • Winning $754.6M Powerball ticket sold in Washington
  • $747 million Powerball jackpot still up for grabs
  • Study: Does pessimism really suppress annuity sales?
  • Sweet streams of income: ChatGPT, the bard of annuities
  • F&G Annuities & Life announces equity investment in life IMO SYNCIS
Sponsor
More Annuity News

Health/Employee Benefits News

  • Wyoming Medicaid expansion set to die in the House
  • Bitter with the sweet on Medicaid expansion
  • Texans brace for the end of nearly three years of pandemic Medicaid coverage
  • Survey: Annual 2022 health premiums steady, but may be ‘calm before the storm’
  • Florida looks to double amount of medical-marijuana licenses
More Health/Employee Benefits News

Life Insurance News

  • Jury hears about financial crimes in Murdaugh murder trial
  • In Murdaugh murder trial, the path to conviction remains unclear
  • Libby Murdaugh's caretaker saw Alex night of murders for '20 minutes', but he said '30 to 40'
  • SC judge in Murdaugh murder trial allows jury to hear alleged financial crime motive
  • How the cases in Alex Murdaugh's murder trial are shaping up
More Life Insurance News

- Presented By -

Top Read Stories

  • Allstate reports $1.4B loss for 2022; increases rates, policy restrictions
  • American Equity readies 2022 earnings report amid ongoing conflicts
  • Research on Oral Health Detailed by Researchers at University of Washington (Health insurance is associated with dental care use among university students in Washington State): Health and Medicine – Oral Health
  • Changes to Ky. unemployment system not good news for those out of work
  • Doctor convicted of using adulterated equipment
More Top Read Stories >

FEATURED OFFERS

Meet Encova Life
We know agents matter. You can count on our life team to be high tech, high touch and responsive.

How to Write For InsuranceNewsNet

Find out how you can submit content for publishing on our website.
View Guidelines

Topics

  • Life Insurance News
  • Annuity News
  • Health/Employee Benefits
  • Property and Casualty
  • Advisor News
  • Washington Wire
  • Regulation News
  • Sponsored Articles
  • Monthly Focus

Top Sections

  • Life Insurance News
  • Annuity News
  • Health/Employee Benefits News
  • Property and Casualty News
  • AdvisorNews
  • Washington Wire
  • Insurance Webinars

Our Company

  • About
  • Editorial Staff
  • Magazine
  • Write for INN
  • Advertise
  • Contact

Sign up for our FREE e-Newsletter!

Get breaking news, exclusive stories, and money- making insights straight into your inbox.

select Newsletter Options
Facebook Linkedin Twitter
© 2023 InsuranceNewsNet.com, Inc. All rights reserved.
  • Terms & Conditions
  • Privacy Policy
  • AdvisorNews

Sign in with your Insider Pro Account

Not registered? Become an Insider Pro.