U.S. Government Support Insurers Protection from Cyber Hacks

Uploaded on 2015-07-07 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

?controllerName=image&action=get&id=38626&format=nj2013_8_columns

Michael McRaith, Director of the Federal Insurance Office

The U.S government has the backs of insurers and their clients as they seek to protect themselves from, and adapt to, the fast-evolving threat of cyber attacks, Federal Insurance Office Director Michael McRaith assured an industry crowd on March 17.“We want to support the insurance industry as it seeks to protect itself from cyber incidents,” McRaith said during the Networks Financial Institute 11th Annual Public Policy Summit in Washington, D.C. “Cyber protection should be as strong as it is for any other financial institution.”

McRaith’s spoke to an audience that included property/casualty insurance, reinsurance, mutual insurance and life insurance lobbyists as well as other professionals. The FIO is part of the U.S. Department of Treasury, and he assured his audience that the Treasury Department (led by Treasury Secretary Jacob Lew and Deputy U.S. Treasury Secretary Sarah Bloom Raskin) has been actively collaborating with “regular law enforcement communities … state government agencies” and others in developing a cyber strategy.

In the wake of cyber attacks on Target, Home Depot, J.P. Morgan Chase, Anthem and others, McRaith said that Lew, Raskin and ultimately President Barack Obama have been paying attention. Among other initiatives: Obama announced plans in February to create the Cyber Threat Intelligent Integration Center, a new agency designed to fight cyber attackers by boosting information sharing between government and industry.

Cyber attacks “create challenges for financial institutions spanning the sector. For the American public, cyber risk can not only be confusion but also overwhelming,” McRaith said. “Because cyber threats transcend the boundaries of financial institutions, [Obama] has established a unified approach to strengthen and maintain critical function amidst cyber threats in 16 sectors, including financial services.”

McRaith also outlined a number of ways the federal government hopes to aid the insurance industry in face of the cyber attack onslaught. Among them he talked of the push for adoption of voluntary protection standards.
“This provides a risk-based approach to manage cyber security that can help manage insurers or policyholders’ risk profile,” McRaith said. “This framework does not replace existing approaches to enterprise risk management but instead can better inform those approaches when risk is cyber-related.”
McRaith said the Department of Treasury and FIO are eager to work with regulators at the state level on the matter. As well, he said, officials want to see more cyber risk policies added to underwriting in a bid to boost awareness and increase consumer transparency as to the risks involved.

While some in the domestic insurance world are wary about the U.S. interacting too much with its international regulatory counterparts, McRaith said that the effort makes sense for cyber risks. He noted that work continues, in part, through participation in the International Insurance Society, or IIS.
“Through the IIS we look to work with our counterparts around the world to establish international standards in the insurance sector relative to cyber security,” McRaith said.

He added that the FIO is interacting with the IIS financial crime task force, with a goal to “improve awareness response and recovery in the broader insurance business community.”
Claims Journal:  http://bit.ly/1HaYtwm

 

« Trade Groups Protest US Block on Digital Imports
‘Great Cannon’ China’s Weapon Shoots Down Internet Sites »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Zurich

Zurich

Zurich’s Security and Privacy policy is designed to manage financial and reputational costs as a result of a breach of network security or unauthorized access or release of private information.

Cybercrime Investigation & Coordinating Center (CICC)

Cybercrime Investigation & Coordinating Center (CICC)

The Cybercrime Investigation and Coordinating Center (CICC) is an attached agency of the Philippines Department of Information and Communications Technology (DICT).

Grupo CFI

Grupo CFI

Grupo CFI is the largest Spanish network of data protection and cybersecurity professionals.

Threatspan

Threatspan

Threatspan is a cybersecurity firm helping shipping and maritime enterprises achieve and maintain nautical resilience in an age of increasing cyber threats.

Open Cloud Factory

Open Cloud Factory

Open Cloud Factory is a European based security company, that strives to ease the pressure on IT managers, by providing tools to implement your Security Strategy in an effective and easy manner.

Alpine Security

Alpine Security

Alpine Security provides penetration testing, security assessments and cybersecurity training services.

iSolutions

iSolutions

iSolutions is an official reseller and engineering company of leading products and solutions for cybersecurity and information protection, optimization, visualization and control of applications

SyncDog

SyncDog

SyncDog is a leader in enterprise security and the preeminent vendor for containerized mobile application security across cloud & on-premise computing environments.

Simplilearn

Simplilearn

Simplilearn is the world's #1 online bootcamp for digital skills training in disciplines such as Cyber Security, Cloud Computing, Project Management, Digital Marketing, and Data Science.

CyberAcuView

CyberAcuView

CyberAcuView is a company dedicated to enhancing cyber risk mitigation efforts across the insurance industry.

KeyData Associates

KeyData Associates

KeyData is a recognized leader in cybersecurity services specializing in Identity and Access Management (IAM), Customer Identity & Access Management (CIAM) and Privileged Access Management (PAM).

Seemplicity

Seemplicity

Seemplicity revolutionizes the way security teams work by automating, optimizing and scaling all risk reduction workflows in one workspace.

Coviant Software

Coviant Software

Coviant Software delivers secure managed file transfer (MFT) software that integrates smoothly and easily with business processes.

CyberHub

CyberHub

CyberHub is an educational platform that offers professional courses and knowledge sharing through articles and videos to help students discover their potential in cybersecurity.

ThreatFabric

ThreatFabric

ThreatFabric integrates industry-leading threat intel, behavioral analytics, advanced device fingerprinting and over 10.000 adaptive fraud indicators.

Leaf IT

Leaf IT

Leaf IT are a pioneering cloud-first MSP, dedicated to helping businesses in the UK and Ireland. We focus on delivering tangible results for our clients through IT transformation.