May 29, 2013 by Canadian Underwriter
The New York government is asking some insurers that operate in the state what steps they take to protect their clients and themselves from cyber threats.
On Tuesday, the Department of Financial Services (DFS) sent “308 letters” to large insurance companies that it regulates, requesting information on their cyber security policies and procedures.
The “308 letter” is a request for information that the insurers are legally required to respond to, according to the government.
“The extraordinarily sensitive health, personal, and financial information that New Yorkers entrust to their insurance companies is a virtual treasure trove for hackers,” Governor Andrew Cuomo noted in a DFS statement.
“We’re intensely focused on making sure that banks have the protections in place they need, but we always have to keep at least one eye on the lookout for the next big threat,” he said. “It’s vital that we stay ahead of the curve on cyber security because we know hackers aren’t going to give us any breathing room.”
The letters include requests for:
“Cyber security at insurance companies is something that often gets overlooked, but it’s far too important to get caught in a blind spot,” noted Benjamin Lawsky, the state’s superintendent of financial services. “We need to make sure that those insurance records are protected from hack attacks that could put New Yorkers at risk.”
Lawsky also co-chairs the newly-formed Cyber Security Board, tasked with advising Cuomo’s administration on developments in cyber security and also making recommendations for protecting the state’s critical infrastructure and information systems.
Insurance companies that have had inquiries on their cyber security practices sent to them include:
Have your say: