On August 7, 2017, the Office of Compliance Inspections and Examinations (“OCIE”) of the US Securities and Exchange Commission (“SEC”) announced the results of its second cybersecurity examination initiative.1 This initiative built on the SEC’s 2014 cybersecurity examination initiative (“Cybersecurity 1 Initiative”) but “involved more validation and testing of procedures and controls surrounding cybersecurity

Bylined article by Financial Services Regulatory & Enforcement partner Jeffrey Taft (Washington DC), Corporate & Securities partner Larry Hamilton (Chicago), Cybersecurity & Data Privacy partner Stephen Lilley (Washington DC) and Financial Services Regulatory & Enforcement associate Matthew Bisanz (Washington DC).

Continue reading.

On March 2, 2016, the National Association of Insurance Commissioners’ (NAIC) Cybersecurity Task Force proposed a comprehensive Model Law that is intended “to establish the exclusive standards for data security and investigation and notification of a breach of data security” for licensed insurance companies. The proposed Model Law would apply to all insurers, producers “and