Ask Tim; Cyber

New Resource Helps You Comply With NY Cyber Reg

Abstract: You now have one-stop access to information about the cybersecurity practices of large publicly traded insurance carrier groups. Body: Big I New York has unveiled a new resource to help agencies comply with part of the New York financial servi​ces cybersecurity regulation. Specifically, it will make it easier for you to comply with the requirements regarding third-party service providers. You now have one-stop access to information about the cybersecurity practices of large publicly traded insurance carrier groups.The regulation's Section 500.11 requires all covered entities, including insurance agencies and brokers of any size, to “implement written policies and procedures designed to ensure the security of…

Continue ReadingNew Resource Helps You Comply With NY Cyber Reg

NY Cybersecurity Regulation: What Your Agency Needs To Do

Abstract: Sometime between now and April 15, each agency must log into the NYS Department of Financial Services (DFS) cyber portal and complete and submit one of two forms. Body: ​January 2025 has brought with it fresh batches of lake effect snow and a new cybersecurity regulation compliance filing season. Sometime between now and April 15, each agency must log into the NYS Department of Financial Services (DFS) cyber portal and complete and submit one of two forms:Certification of Material Compliance (if the agency was in material compliance with all sections of the regulation that applied to it in 2024.)Acknowledgement of Non-Compliance (if the agency…

Continue ReadingNY Cybersecurity Regulation: What Your Agency Needs To Do

DFS Letter: Beware of Cyber Risks From A.I.

Abstract: The New York State Department of Financial Services (DFS) has cautioned the entities it regulates to be alert to cybersecurity risks resulting from using artificial intelligence (AI) technology. Body: ​The New York State Department of Financial Services (DFS) has cautioned the entities it regulates to be alert to cybersecurity risks resulting from using artificial intelligence (AI) technology. The department also described steps for reducing those risks.DFS responded in the October 16 industry letter to questions about the cyber risks from AI and what to do about them. The letter did not add new requirements to those in the department's cybersecurity regulation. Instead, it explained…

Continue ReadingDFS Letter: Beware of Cyber Risks From A.I.