As cybersecurity threats escalate, state legislatures across the country are tightening requirements for how insurance entities respond to data breaches – and thanks to a new law just passed several weeks ago, Missouri is...more
On July 15, 2021, Wisconsin Governor Tony Evers signed Act 73 (Act) into law, making Wisconsin the latest state to adopt the National Association of Insurance Commissioner's (NAIC) model cybersecurity law. Most recently, Iowa...more
As remote work continues, employers have begun to characterize remote workers as the “invisible workforce” – because remote workers are not able to be seen or monitored in the same way as those performing in-person work. The...more
Maine has become the latest state to adopt a version of the National Association of Insurance Commissioners (NAIC) model cybersecurity law. Signed into law on March 17, 2021, the Maine Insurance Data Security Act establishes...more
In early March, the New York State Department of Financial Services (“NYDFS”) announced a consent order that required Maine-based mortgage servicer Residential Mortgage Services, Inc. (“Residential”) to pay a $1.5 million...more
As cybersecurity attacks have continued to gain prominence as a threat posing critical risk management and compliance challenges for financial institutions, the Securities and Exchange Commission (SEC) has emerged as an...more
Tuesday, September 4, 2018 marked the New York State Department for Financial Service’s deadline for compliance with several sections of cybersecurity regulation 23 NYCRR 500 (the “Regulation”). The Regulation covers any...more
The Commission's "new" cybersecurity guidance largely rehashes existing guidance, as is highlighted by objections from two commissioners. At most, the additional qualitative guidance is incremental. It reiterates the need to...more
• NAIC recently adopted an Insurance Data Security Model Law that follows the risk assessment-based approach of the New York DFS Cybersecurity Regulation. This signals the growing influence of the New York Regulation,...more
In a case of “cyber meets securities fraud,” the United States Attorney’s Office for the Southern District of New York (“SDNY”) recently indicted three foreign nationals on charges of insider trading, wire fraud, and computer...more