U.S. Government Support Insurers Protection from Cyber Hacks

Uploaded on 2015-07-07 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

?controllerName=image&action=get&id=38626&format=nj2013_8_columns

Michael McRaith, Director of the Federal Insurance Office

The U.S government has the backs of insurers and their clients as they seek to protect themselves from, and adapt to, the fast-evolving threat of cyber attacks, Federal Insurance Office Director Michael McRaith assured an industry crowd on March 17.“We want to support the insurance industry as it seeks to protect itself from cyber incidents,” McRaith said during the Networks Financial Institute 11th Annual Public Policy Summit in Washington, D.C. “Cyber protection should be as strong as it is for any other financial institution.”

McRaith’s spoke to an audience that included property/casualty insurance, reinsurance, mutual insurance and life insurance lobbyists as well as other professionals. The FIO is part of the U.S. Department of Treasury, and he assured his audience that the Treasury Department (led by Treasury Secretary Jacob Lew and Deputy U.S. Treasury Secretary Sarah Bloom Raskin) has been actively collaborating with “regular law enforcement communities … state government agencies” and others in developing a cyber strategy.

In the wake of cyber attacks on Target, Home Depot, J.P. Morgan Chase, Anthem and others, McRaith said that Lew, Raskin and ultimately President Barack Obama have been paying attention. Among other initiatives: Obama announced plans in February to create the Cyber Threat Intelligent Integration Center, a new agency designed to fight cyber attackers by boosting information sharing between government and industry.

Cyber attacks “create challenges for financial institutions spanning the sector. For the American public, cyber risk can not only be confusion but also overwhelming,” McRaith said. “Because cyber threats transcend the boundaries of financial institutions, [Obama] has established a unified approach to strengthen and maintain critical function amidst cyber threats in 16 sectors, including financial services.”

McRaith also outlined a number of ways the federal government hopes to aid the insurance industry in face of the cyber attack onslaught. Among them he talked of the push for adoption of voluntary protection standards.
“This provides a risk-based approach to manage cyber security that can help manage insurers or policyholders’ risk profile,” McRaith said. “This framework does not replace existing approaches to enterprise risk management but instead can better inform those approaches when risk is cyber-related.”
McRaith said the Department of Treasury and FIO are eager to work with regulators at the state level on the matter. As well, he said, officials want to see more cyber risk policies added to underwriting in a bid to boost awareness and increase consumer transparency as to the risks involved.

While some in the domestic insurance world are wary about the U.S. interacting too much with its international regulatory counterparts, McRaith said that the effort makes sense for cyber risks. He noted that work continues, in part, through participation in the International Insurance Society, or IIS.
“Through the IIS we look to work with our counterparts around the world to establish international standards in the insurance sector relative to cyber security,” McRaith said.

He added that the FIO is interacting with the IIS financial crime task force, with a goal to “improve awareness response and recovery in the broader insurance business community.”
Claims Journal:  http://bit.ly/1HaYtwm

 

« Trade Groups Protest US Block on Digital Imports
‘Great Cannon’ China’s Weapon Shoots Down Internet Sites »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ForgeRock

ForgeRock

ForgeRock, the leader in digital identity, delivers comprehensive Identity and Access Management solutions for consumers, employees and things to simply and safely access the connected world.

KFSensor

KFSensor

KFSensor is an advanced 'honeypot' intrusion and insider threat detection system for Windows networks.

Focal Point Data Risk

Focal Point Data Risk

Focal Point is a pure-play data risk management provider capable of offering end-to-end consulting, implementation, and training services.

Trapezoid

Trapezoid

Trapezoid is a cybersecurity company developing Firmware Integrity Management solutions designed to detect unauthorized changes to firmware & BIOS across the entire data center infrastructure.

Spire Solutions

Spire Solutions

Spire Solutions is the Middle East & Africa region’s leading cybersecurity solution provider and value-added distributor (VAD).

Webtotem

Webtotem

Webtotem's mission is to prevent the global epidemic of website infection and provide every website owner with basic security rights.

NeuroChain

NeuroChain

NeuroChain is an intelligent ecosystem that is more secure, more reliable and much faster than blockchain.

Udacity

Udacity

Udacity's mission is to train the world’s workforce in the careers of the future. Our programs range from beginner to expert levels and deliver the hands-on skills for real-world expertise.

Almond

Almond

Almond is positioned as a key independent French player in audit and consulting in the fields of Cybersecurity, Cloud and Infrastructure.

Digitale Gründerinitiative Oberpfalz (DGO)

Digitale Gründerinitiative Oberpfalz (DGO)

Digital Founder Initiative Oberpfalz's goal is to build a sustainable start-up culture in the field of digitization throughout the Upper Palatinate district of Bavaria.

Blackpanda

Blackpanda

Blackpanda is Asia’s premier cyber security incident response group, hyper-focused on digital forensics and cyber crisis response.

Flotek

Flotek

Flotek is an IT & Comms service provider delivering SMEs with trusted, innovative and cost effective cloud technology, with confidence, clarity and clout.

MAUSHIELD

MAUSHIELD

MAUSHIELD is the national platform for sharing cyber threat information and intelligence that can help organisations to improve their cybersecurity posture, minimize risks and prevent cyber-attacks.

Spec

Spec

Spec is the only no-code orchestration platform that protects enterprise fraud defenses from being blocked, bypassed, and manipulated by modern attack tactics.

Post-Quantum Cryptography Alliance (PQCA)

Post-Quantum Cryptography Alliance (PQCA)

The alliance seeks to address cryptographic security challenges posed by quantum computing by producing high-assurance software implementations of standardized algorithms.

Xcede

Xcede

Xcede are global technology recruitment specialists. We connect companies with exceptional professionals who empower growth.