NY Cybersecurity Compliance Requirements
Updated: Sep 25, 2018
BY: DAVID BURGESON | AUGUST 14, 2018
RSI's COO, David Burgeson, joined Howard W. Greene and Theodore Taveras to discuss the topic of cybersecurity in the insurance industry. They share their wisdom regarding compliance, regulations, and how a company should respond to a cybersecurity threat and describe how their companies guarantee data security of third-party apps. They also explain how they dispose of data properly and share tips on how to strengthen a company’s cybersecurity in accordance with the new regulations.
Where the insurance industry currently stands on cybersecurity regulations?
Who are the covered entities under the regulations?
What Section 500.06 all about and what it requires.
How brokers detect and respond to cybersecurity events.
How long companies should retain records.
How companies can test the security of third-party apps.
How often companies should review their testing procedures.
What counts as secured disposal of data?
The type of data you can't dispose of easily.
The kind of policies and procedures brokers can reasonably implement.
Why encryption is a non-option for data security.
Their advice to those wanting to enter the insurance industry.
Check out the podcast here:
“Most of the data breaches aren't from the third world, but internally.” - David Burgeson
Subscribe to receive real-time notifications of current publications - here