On August 7, 2017, the Office of Compliance Inspections and Examinations (“OCIE”) of the US Securities and Exchange Commission (“SEC”) announced the results of its second cybersecurity examination initiative.1 This initiative built on the SEC’s 2014 cybersecurity examination initiative (“Cybersecurity 1 Initiative”) but “involved more validation and testing of procedures and controls surrounding cybersecurity
Cyber Hygiene
The New York State DFS Cybersecurity Regulation: Preparing for Compliance
Bylined article by Financial Services Regulatory & Enforcement partner Jeffrey Taft (Washington DC), Corporate & Securities partner Larry Hamilton (Chicago), Cybersecurity & Data Privacy partner Stephen Lilley (Washington DC) and Financial Services Regulatory & Enforcement associate Matthew Bisanz (Washington DC).
NAIC Proposes Cybersecurity Model Law for the Insurance Industry
On March 2, 2016, the National Association of Insurance Commissioners’ (NAIC) Cybersecurity Task Force proposed a comprehensive Model Law that is intended “to establish the exclusive standards for data security and investigation and notification of a breach of data security” for licensed insurance companies. The proposed Model Law would apply to all insurers, producers “and…