Cybersecurity awareness month is nigh upon us again, and thus perspective is in order. 2016 brought us the first collection and analysis of the nascent claims history of the burgeoning cyber-insurance market. On August 27, 2016, the National Association of Insurance Commissioners (NAIC) released its “Report on the Cybersecurity Insurance Coverage Supplement,” which provides helpful analysis of NAIC’s first data cull from insurers writing various forms of cyber coverage. ... Keep Reading »
NAIC
NAIC Exposes Revised Draft Model Cybersecurity Law for Insurers for Public Comment
Insurers are a prime target for hackers as a result of the vast stores of valuable data they maintain. Not all information is created equal, and it varies in value. Hacker services and software, illegal drugs, cyberweapons, and all kinds of other types of stolen, confidential, and compromised information is monetized and traded daily on darknet markets using various forms of cryptocurrency, by governments, hackers, criminals, and businesses. While a stolen credit card ... Keep Reading »
Cybersecurity as a Regulatory Issue: The NAIC Considers The Anthem Breach And Weighs a “Cybersecurity Bill of Rights”
The Cybersecurity Task Force of the National Association of Insurance Commissioners (the "NAIC") met last month, as part of on the NAIC's 2015 Summer National Meeting in Chicago. The Task Force focused on two issues: the recent massive data breach suffered by Anthem, Inc., and a draft "Consumer Cybersecurity Bill of Rights" that was released for public comment in late July. The Anthem Breach Anthem's general counsel reported that the FBI has completed its ... Keep Reading »
Cyber Risk as a Regulatory Issue: Tales of Encryption
Spurred by the prescient reporting found in this space (and, just maybe, by the Anthem data breach, which occurred a week later), insurance regulators have recently engaged in a flurry of regulatory activity relating to cyber security issues. Very shortly after the Anthem breach was announced, the newly-formed Cybersecurity (EX) Task Force of the National Association of Insurance Commissioners (NAIC) called for a multi-state examination of Anthem's cybersecurity ... Keep Reading »
California Bans Use of Price Optimization
Yesterday California Insurance Commissioner Dave Jones became the latest voice in a growing chorus of state insurance regulators who condemn the use of "Price Optimization" as a mechanism for adjusting property-casualty insurance rates and pricing. In a Notice delivered to more than 750 P&C insurers, the Commissioner declared that "any use of Price Optimization in the ratemaking/pricing process or in a rating plan is unfairly discriminatory in violation of ... Keep Reading »
Cyber Risk as a Regulatory Issue: A Connecticut Regulator Shares Her Insights
Even at Sony, cyber security was a hot topic before Kim Jong-un took an interest in Seth Rogen’s oeuvre. In 2011, hackers gained access to the personal and financial information Sony had collected on more than 100 million participants in its on-line gaming networks. The incident was the subject of more than 60 class actions, for which Sony announced a settlement last summer. Sony’s plight illustrates one facet of the interrelationship between cyber risk and ... Keep Reading »
In Opposing Global Capital Standards for International Insurers, NCOIL Roils Domestic Industry
In July, the International Association of Insurance Supervisors (IAIS), a membership organization that represents insurance regulators and supervisors in more than 100 countries, released for public consultation a set of proposed basic capital requirements for “global systemically important insurers” (“G-SIIs”). Within days, the National Conference of Insurance Legislators (NCOIL), a nonprofit group that represents state legislators in Washington, adopted a ... Keep Reading »
NAIC Hears Renewed Calls for Regulation of Automated Claims Tools
On December 1, 2012, for the second time this year, the Market Regulation and Consumer Affairs (D) Committee of the National Association of Insurance Commissioners heard presentations about insurers’ use of computerized systems to assist in the adjustment of bodily injury and property claims. The hearing concentrated on three products: Computer Science Corporation’s “Colossus,” ISO’s “Claims Outcome Advisor” and Xactware Solutions, Inc.’s “Xactimate.” The ... Keep Reading »