N.Y. to Monitor Insurers’ Cybersecurity Measures
New York State Department of Financial Services (DFS) released a report Feb. 9 on cybersecurity in the New York insurance industry and announced a series of measures that DFS will take to help strengthen cyber hacking defenses at insurers.
DFS announced that in the coming weeks and months, the department will proceed with a number of initiatives to help strengthen cybersecurity at its regulated insurance companies.
These initiatives will include integrating regular, targeted assessments of cybersecurity preparedness at insurers as part of the department’s examination process; putting forward enhanced regulations requiring institutions to meet heightened standards for cybersecurity; and exploring stronger measures related to the representations and warranties insurers receive from third-party vendors.
“Recent cybersecurity breaches should serve as a stern wake up call for insurers and other financial institutions to strengthen their cyber defenses,” said New York Financial Services Superintendent Benjamin M. Lawsky.
DFS’s report highlighted results from a survey of 43 insurance entities that was conducted in 2013 and 2014. Of the total 43 insurance providers that completed DFS’s questionnaire, 21 were health insurance providers, 12 were property/casualty insurance providers, and 10 were life insurance providers. The combined assets of the surveyed entities were approximately $3.2 trillion .
In the survey, 58 percent of insurers reported that they experienced no cybersecurity breaches in the three years preceding the survey, excluding failed attempts. Still, 35 percent reported experiencing between one and five breaches, 2 percent reported experiencing between six and 10, and 5 percent reported experiencing more than 10 breaches.
The survey said that despite the number of breaches they experienced collectively, the institutions reported experiencing “relatively few negative effects” as a result of the breaches or hacking attempts. The survey said 12 percent of the insurers reported disruption to their telecommunications networks as a result of a breach, 7 percent reported insider access breaches, 5 percent reported account takeovers, and 2 percent reported data integrity breaches. None reported identity theft, third-party payment processor breaches, supply chain infiltration, or website defacement.
- Swiss Re to Withdraw From Digital Insurer iptiQ, Reports Strong Q1 Net Income of $1.1B
- Insurance Companies Feeling the Pressure in Iowa and the Midwest
- Popular SC Country Music Venue Shuts Down Due to Liquor Liability Insurance Costs
- Lindberg Convicted in Second Trial on Attempting to Bribe NC Insurance Commissioner