Information Security and ISO 27001
A Compliance Officer Turned Board Member's Advice
Cyberside Chats: Protect Your Crown Jewels – Nobody breaks into a bank to steal the posters
Unauthorized Access: An Inside Look at Incident Response
No Password Required: The Philosopher CISO of Tallahassee Who Lives to Help Other People
Cyberside Chats - Zero Trust and Cyber Negligence: A conversation with Dr. Zero Trust Chase Cunningham
No Password Required: A Former Police Officer Who Embodies All the Qualities of a Great Leader
Modernize your Information Governance: Building a Framework for Success
CyberSide Chats: Recap of the White House Cyber Summit (with Amanda Fennell)
Canna We Talk Cannabis? Cybersecurity Risks Bring Growing Pains to Cannabis Businesses
The Importance Of Cybersecurity During A Merger & Acquisition Transaction
Phishing and Vishing and Smishing (Oh my!): New Types of Scams Require Increased Vigilance
As cybersecurity threats escalate, state legislatures across the country are tightening requirements for how insurance entities respond to data breaches – and thanks to a new law just passed several weeks ago, Missouri is...more
Over half of US states require annual compliance certifications from insurance providers. While the filing time frames for this year draw to a close, companies may want to keep them in mind not only for next year, but as a...more
Covered entities received two cybersecurity wake up calls from insurance regulators this month. As we have reported, the New York State Department of Financial Services (DFS) issued its long-awaited first cyber enforcement...more
Virginia has a new law, the Insurance Data Security Act (New Law), going into effect on July 1, 2020, which will expand the data security and incident notification requirements on insurers licensed in the Commonwealth. The...more
What GCs, CIOs, CSOs and CPOs need to know about Ohio's new requirements under S.B. 273 - Please join GBQ and Bricker & Eckler for our Ohio Insurance Cybersecurity Seminar on Ohio Senate Bill 273 (codified @ Ohio Rev....more
Delaware (July 31, 2019) and New Hampshire (August 2, 2019) have become the latest states to add to the insurance cybersecurity landscape by enacting information security laws. These laws come on the heels of Connecticut’s...more
Ohio recently followed South Carolina as the second state to adopt cybersecurity legislation modeled after the NAIC’s Insurance Data Security Model Law. The Ohio law, Senate Bill 273, applies to insurers authorized to do...more
The National Association of Insurance Commissioners (NAIC) has approved its draft of the Insurance Data Security Model Law (Model Law) via a meeting of its Executive and Plenary Committees. This important development follows...more
The National Association of Insurance Commissioners (NAIC) Cybersecurity (EX) Working Group (Cybersecurity WG) approved Version 6 (Finalized) of its Insurance Data Security Model Law (Model) on August 7 at the NAIC Summer...more
The National Association of Insurance Commissioner’s (NAIC) model cybersecurity law will take center stage later this week at the group’s annual meeting in Denver. In its third draft, the Insurance Data Security Model...more
The New York Department of Financial Services has proposed new cybersecurity regulations “designed to promote the protection of customer information as well as the information technology systems of regulated entities...more
It’s a familiar pattern. First, new risks inspire legislation and regulations that impose new penalties. Next, insurers and policyholders fight over whether the new liabilities are covered under traditional liability...more