U.S. Government Support Insurers Protection from Cyber Hacks

?controllerName=image&action=get&id=38626&format=nj2013_8_columns

Michael McRaith, Director of the Federal Insurance Office

The U.S government has the backs of insurers and their clients as they seek to protect themselves from, and adapt to, the fast-evolving threat of cyber attacks, Federal Insurance Office Director Michael McRaith assured an industry crowd on March 17.“We want to support the insurance industry as it seeks to protect itself from cyber incidents,” McRaith said during the Networks Financial Institute 11th Annual Public Policy Summit in Washington, D.C. “Cyber protection should be as strong as it is for any other financial institution.”

McRaith’s spoke to an audience that included property/casualty insurance, reinsurance, mutual insurance and life insurance lobbyists as well as other professionals. The FIO is part of the U.S. Department of Treasury, and he assured his audience that the Treasury Department (led by Treasury Secretary Jacob Lew and Deputy U.S. Treasury Secretary Sarah Bloom Raskin) has been actively collaborating with “regular law enforcement communities … state government agencies” and others in developing a cyber strategy.

In the wake of cyber attacks on Target, Home Depot, J.P. Morgan Chase, Anthem and others, McRaith said that Lew, Raskin and ultimately President Barack Obama have been paying attention. Among other initiatives: Obama announced plans in February to create the Cyber Threat Intelligent Integration Center, a new agency designed to fight cyber attackers by boosting information sharing between government and industry.

Cyber attacks “create challenges for financial institutions spanning the sector. For the American public, cyber risk can not only be confusion but also overwhelming,” McRaith said. “Because cyber threats transcend the boundaries of financial institutions, [Obama] has established a unified approach to strengthen and maintain critical function amidst cyber threats in 16 sectors, including financial services.”

McRaith also outlined a number of ways the federal government hopes to aid the insurance industry in face of the cyber attack onslaught. Among them he talked of the push for adoption of voluntary protection standards.
“This provides a risk-based approach to manage cyber security that can help manage insurers or policyholders’ risk profile,” McRaith said. “This framework does not replace existing approaches to enterprise risk management but instead can better inform those approaches when risk is cyber-related.”
McRaith said the Department of Treasury and FIO are eager to work with regulators at the state level on the matter. As well, he said, officials want to see more cyber risk policies added to underwriting in a bid to boost awareness and increase consumer transparency as to the risks involved.

While some in the domestic insurance world are wary about the U.S. interacting too much with its international regulatory counterparts, McRaith said that the effort makes sense for cyber risks. He noted that work continues, in part, through participation in the International Insurance Society, or IIS.
“Through the IIS we look to work with our counterparts around the world to establish international standards in the insurance sector relative to cyber security,” McRaith said.

He added that the FIO is interacting with the IIS financial crime task force, with a goal to “improve awareness response and recovery in the broader insurance business community.”
Claims Journal:  http://bit.ly/1HaYtwm

 

« Trade Groups Protest US Block on Digital Imports
‘Great Cannon’ China’s Weapon Shoots Down Internet Sites »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

L3Harris United Kingdom

L3Harris United Kingdom

L3Harris UK (formerly L3 TRL Technology) designs and delivers advanced electronic warfare and cyber security solutions for the protection of people, infrastructure and assets.

CERT-EU

CERT-EU

CERT-EU is a permanent Computer Emergency Response Team for the EU institutions, agencies and bodies.

Backup Technology

Backup Technology

Backup Technology is a world leader in the Online Cloud Backup, Disaster Recovery and Business Continuity market.

KoolSpan

KoolSpan

KoolSpan’s security and privacy solutions address the growing threat of loss or theft of intellectual property, information, and proprietary assets.

Guardian360

Guardian360

The Guardian360 platform offers unrivalled insight into the security of your applications and IT infrastructure.

Avatier

Avatier

Avatier identity management software products automate identity access management, user provisioning and IT governance to ensure information security and compliance.

FedRAMP

FedRAMP

FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

Living Security

Living Security

Living Security specializes in metric driven and engaging security awareness solutions that reduce risk by increasing security culture and changing employee behaviour.

The Cyber Security Expert

The Cyber Security Expert

The Cyber Security Expert delivers cyber security consultancy, website and cloud security monitoring services, and specialist training services.

Cybersecurity & Infrastructure Security Agency (CISA)

Cybersecurity & Infrastructure Security Agency (CISA)

CISA leads the national effort to defend critical infrastructure against the threats of today and to secure against the evolving risks of tomorrow.

6point6

6point6

6point6 is a technology consultancy with strong expertise in digital transformation, emerging technology and cyber security.

Coralogix

Coralogix

Coralogix are rebuilding the path to observability using a real-time streaming analytics pipeline that provides monitoring, visualization, and alerting capabilities without the burden of indexing.

Innov8tif

Innov8tif

Innov8tif is an AI company specialised in providing ID assurance solutions — helping digital businesses to prevent frauds by verifying and authenticating customers identity.

CipherStash

CipherStash

CipherStash is a complete data governance and breach prevention platform.

PDQ

PDQ

PDQ helps IT professionals to manage and organize hardware, software, and configuration data for Windows- and Apple-based devices.

XY Cyber

XY Cyber

XY Cyber enable Generative AI for Cyber Operations. We simplify the complex world of cyber threats into actionable strategies, empowering your defense with AI-powered solutions.