New York State Department of Financial Services Superintendent Maria T. Vullo is scheduled to discuss the state’s new “first in the nation” cybersecurity regulation later this week at the National Association of Insurance Commissioners annual meeting in Denver.
The New York cyber regulation – which went into effect on March 1, 2017 – requires financial institutions and insurance companies that operate in the state to implement a complex series of technical and governance-based cybersecurity rules and safeguards.
Ms. Vullo will be addressing the NAIC’s Innovative and Technology Working Group on April 9, 2017.
For its part, the NAIC has its own hands full on the issue of cybersecurity regulation. Starting a year ago, an NAIC cyber task force went to work on a model cybersecurity law. The Insurance Data Security Model Law is now in its third iteration and will also be discussed at the group’s annual meeting. The NAIC model law its aimed at establishing “exclusive standards” for data security and the investigation and notification relating to data breaches by organizations governed by state insurance law.
Later this week, we will publish a blog post discussing the NAIC cybersecurity model law. Stay tuned.