U.S. Government Support Insurers Protection from Cyber Hacks

Uploaded on 2015-07-07 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

?controllerName=image&action=get&id=38626&format=nj2013_8_columns

Michael McRaith, Director of the Federal Insurance Office

The U.S government has the backs of insurers and their clients as they seek to protect themselves from, and adapt to, the fast-evolving threat of cyber attacks, Federal Insurance Office Director Michael McRaith assured an industry crowd on March 17.“We want to support the insurance industry as it seeks to protect itself from cyber incidents,” McRaith said during the Networks Financial Institute 11th Annual Public Policy Summit in Washington, D.C. “Cyber protection should be as strong as it is for any other financial institution.”

McRaith’s spoke to an audience that included property/casualty insurance, reinsurance, mutual insurance and life insurance lobbyists as well as other professionals. The FIO is part of the U.S. Department of Treasury, and he assured his audience that the Treasury Department (led by Treasury Secretary Jacob Lew and Deputy U.S. Treasury Secretary Sarah Bloom Raskin) has been actively collaborating with “regular law enforcement communities … state government agencies” and others in developing a cyber strategy.

In the wake of cyber attacks on Target, Home Depot, J.P. Morgan Chase, Anthem and others, McRaith said that Lew, Raskin and ultimately President Barack Obama have been paying attention. Among other initiatives: Obama announced plans in February to create the Cyber Threat Intelligent Integration Center, a new agency designed to fight cyber attackers by boosting information sharing between government and industry.

Cyber attacks “create challenges for financial institutions spanning the sector. For the American public, cyber risk can not only be confusion but also overwhelming,” McRaith said. “Because cyber threats transcend the boundaries of financial institutions, [Obama] has established a unified approach to strengthen and maintain critical function amidst cyber threats in 16 sectors, including financial services.”

McRaith also outlined a number of ways the federal government hopes to aid the insurance industry in face of the cyber attack onslaught. Among them he talked of the push for adoption of voluntary protection standards.
“This provides a risk-based approach to manage cyber security that can help manage insurers or policyholders’ risk profile,” McRaith said. “This framework does not replace existing approaches to enterprise risk management but instead can better inform those approaches when risk is cyber-related.”
McRaith said the Department of Treasury and FIO are eager to work with regulators at the state level on the matter. As well, he said, officials want to see more cyber risk policies added to underwriting in a bid to boost awareness and increase consumer transparency as to the risks involved.

While some in the domestic insurance world are wary about the U.S. interacting too much with its international regulatory counterparts, McRaith said that the effort makes sense for cyber risks. He noted that work continues, in part, through participation in the International Insurance Society, or IIS.
“Through the IIS we look to work with our counterparts around the world to establish international standards in the insurance sector relative to cyber security,” McRaith said.

He added that the FIO is interacting with the IIS financial crime task force, with a goal to “improve awareness response and recovery in the broader insurance business community.”
Claims Journal:  http://bit.ly/1HaYtwm

 

« Trade Groups Protest US Block on Digital Imports
‘Great Cannon’ China’s Weapon Shoots Down Internet Sites »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Security Guru

IT Security Guru

IT Security Gurus publish daily breaking news. interviews with the key thinkers in IT security, videos and the top 10 stories as picked by our Editor.

D-Fence

D-Fence

D-Fence high availability security service protects corporate email communication, the company and it's employee's against cyber threats.

Digital Hands

Digital Hands

Digital Hands is an award-winning managed security services provider.

SmartContractAudits.com

SmartContractAudits.com

SmartContractAudits.com is the leading platform for finding companies providing smart contract auditing services.

Brighterion

Brighterion

Brighterion solutions stop payment and acquirer fraud, reduce credit risk and delinquency, fight financial crime, prevent healthcare fraud, waste and abuse, and more.

Ensighten

Ensighten

Ensighten is a leader in Website Security & Privacy Compliance. Protect your website from malicious attacks, monitor & detect vulnerabilities, protect consumer data.

Redwall Technologies

Redwall Technologies

Redwall provides cybersecurity expertise and technology to prevent and respond to emerging threats against mobile applications and connected infrastructures.

Barikat Cyber Security

Barikat Cyber Security

Barikat is a provider of information security solution and services including security analysis and compliance, security testing, managed security services, incident response and training.

Presidio

Presidio

Presidio is a leading North American IT solutions provider focused on Digital Infrastructure, Business Analytics, Cloud, Security & Emerging solutions.

MS Tech Solutions

MS Tech Solutions

MS Tech Solutions is a Jamaican-based, multinational consulting company that specializes in the architecture, implementation and management of key network and Information technologies.

EPIQ Infotech

EPIQ Infotech

EPIQ Infotech is a trusted consulting and implementation partner for Oracle JD Edwards and Amazon Web Services (AWS).

Secuvy

Secuvy

Secuvy leads in data security, privacy, compliance, and governance, offering a unified platform for proactive data discovery, management, protection, and enhanced data value.

Tenchi Security

Tenchi Security

Tenchi Security are specialized in Third-Party Cyber Risk Management (TPCRM) and aim to reduce information asymmetry when it comes to third and Nth-Party security and compliance risk management.

IT-Schulungen.com / New Elements GmbH

IT-Schulungen.com / New Elements GmbH

Under the name IT-Schulungen.com, the Nuremberg-based New Elements GmbH has been operating one of the largest training centres in the German-speaking world for over 20 years.

Token Security

Token Security

Token is the new approach designed for the identity boom era. Introducing Machine-First Identity Security.

Terra Security

Terra Security

Terra Security is the first agentic-AI platform built for web application penetration testing.