Training fields

Regulators predict a storm of cybersecurity activity | Carlton Fields

Posted on Author Doris J. Jackson Comments Off on Regulators predict a storm of cybersecurity activity | Carlton Fields

[ad_1]

In September and October 2021 alone, the Federal Trade Commission, the New York State Department of Financial Services, and the Securities and Exchange Commission all signaled their plans for a cybersecurity storm.

FTC

On September 13, 2021, the Federal Trade Commission (FTC) submitted a report to Congress identifying four priority areas for its ongoing work on data privacy and security. Most important for life insurers is the agency’s plan to expand its understanding and guidance around the use of algorithms, which could impact life insurers’ underwriting processes. The FTC also called on Congress to “pass data privacy and security legislation enforceable by the FTC,” for which the FTC called for “expanded civil enforcement authority.” [and] APA Regulatory Authority. The FTC responded to the report by issuing revisions to its safeguard rule and a supplemental notice of proposed rulemaking to require reporting to the FTC within 30 days of security incidents reasonably likely to affect 1,000 or more consumers.

DFS

On October 22, 2021, the New York State Department of Financial Services (DFS) issued a letter clarifying that Covered Entities remain responsible for their cybersecurity obligations regardless of an Affiliate’s cyber program reliance. Where a Covered Entity adopts all or part of an Affiliate’s Cybersecurity Program, the Entity shall “Make available to DFS, upon request, all ‘Documentation and Information’ relevant to its Cybersecurity Programs…including understood[ing] … programs adopted by an affiliate. For Covered Entities that depend on Affiliates not otherwise regulated by DFS, this will require contractual provisions:

  • Require Affiliate to comply with cybersecurity regulatory requirements with respect to any Affiliate information system shared with the Covered Entity; and
  • Provide the Covered Entity with access, “at a minimum”, to the Affiliate’s cybersecurity policies and procedures, risk assessments, penetration testing and vulnerability assessment results, and any third-party audit related to the adopted parts of the Affiliate’s cybersecurity program.

SECOND

On October 29, 2021, SEC Commissioner Elad Roisman delivered a speech in which he encouraged entities to:

  • Learn from the SEC’s guidance on cybersecurity, particularly the Cybersecurity and Resilience Observations it issued in January 2020; and
  • Take steps to prevent and mitigate damage from cybersecurity attacks, including:
    • Have an incident response plan;
    • “Identify, upstream, certain service providers and experts that a registrant must call upon in the event of a cybernetic incident”; and
    • Carry out a “tabletop” exercise.

Roisman also expressed support for continued enforcement action and his belief that the SEC should “consider rules that provide registrants – particularly investment advisers and public issuers – with a better sense of what we expect. of them in today’s market”, especially regarding infringement notification. .

In addition to all of this, the NAIC is establishing a new Innovation, Cybersecurity, and Technology (H) Committee, including a Cybersecurity (H) Task Force. A draft of the tasks of the working group includes:

  • Monitor cybersecurity trends that may affect the insurance industry;
  • Advice on the development of cybersecurity training for state insurance regulators;
  • Promote communication between state insurance departments regarding cybersecurity risks and events;
  • Oversee the development of a cybersecurity regulatory response guidance document to assist state insurance regulators in the investigation of insurance cyber occurrences;
  • Coordinate the cybersecurity work of the NAIC committee between working groups;
  • Work with the Center for Insurance Policy and Research to analyze information related to cybersecurity;
  • Support state implementation efforts related to the passage of the Model Law on Insurance Data Security (#668); and
  • Collaborate with federal and international supervisors and agencies on cybersecurity risk management and assessment.

With your shovels and your salts, the forecasts promise to be icy.

[ad_2]
Source link

Related posts:

  1. East Belfast GAA training fields searched for explosive devices
  2. MLS to Enable Individual Practice at Team Training Grounds – The Denver Post
  3. Bears name Justin Fields starting QB, preach patience with rookie
  4. The Justin Fields era begins for the Bears
Doris J. Jackson
https://www.clevedon.org

Related Articles
Training fields

Justin Fields’ breakthrough could have happened sooner

Posted on Author Doris J. Jackson

[ad_1] It was a straightforward explanation from tight end Cole Kmet of how the passing game started to click in Monday night’s second half of a 29-27 loss to Pittsburgh. Once again, however, this is a testament to how the Bears brought in rookie quarterback Justin Fields through the offseason, training camp and preseason. Or […]
Training fields

Fields and Prax Reps Discuss Split of DHSS and Other Alaskan Healthcare Initiatives – State of Reform

Posted on Author Doris J. Jackson

[ad_1] Members of the Alaska House of Representatives worked on several health care initiatives during the 2022 legislative session. In this conversation, Rep. Mike Prax (R-North Pole) and Rep. Zack Fields (D -Anchorage) are discussing their health policy priorities with State of Reform. Get the latest information on state-specific policies for the healthcare […]
Training fields

Standard Bank highlights job opportunities in these fields – and the types of jobs that will be automated

Posted on Author Doris J. Jackson

[ad_1] South African businesses are already seeing AI-based automation rolling out in digital and communication spaces, and this trend is expected to continue over the coming year, says Michael Daniels, Head of Automation at group and shared capacity at Standard Bank. Daniels said two of the most common ways companies use to engage in automation […]