<img src="https://secure.leadforensics.com/71120.png" style="display:none;">

Kalki Blog


SMB Insurance companies & NAIC's Cyber Security Regulations

Posted by Vikas Bhatia on Aug 26, 2016 4:00:00 PM

Till now our experience with insurance agencies has been fairly reactive and driven by IT.  In the background we've been keeping an eye on the National Association of Insurance Commissioners (the NAIC) regulations and how they would impact Small and Medium Sized Businesses (SMB).  In April the Cybersecurity (EX) Task Force (the Task Force) first presented the Insurance Data Security Model Law (the Model Law) it generated more than 40 comment letters from trade associations, market participants and regulators. insurance industry association .  It appears that the, "something has happened, now can you help us fix, resolve, remediate it" approach to Data / Information or Cyber Security is about to change drastically.

Read More

Topics: Regulations, Risk Management, Cyber Insurance, kalkiconsulting compliance, SMB, CISO, CIO

SEC makes cybersecurity a priority for businesses

Posted by StacyNease4Fbhds on Jun 17, 2015 8:45:02 AM

The SEC has recognized the importance of cybersecurity in the face of the growing number of threats and increasing amount of costly breaches. To help businesses prepare and protect consumers they have launched the Cybersecurity Examination Initiative last year. They started the initiative in the financial sector by examining nearly 100 entities, a combination of broker-dealers and investment advisors, to assess their cybersecurity preparation. And the results are in! Some of the basic observations from the examination are:

  • Written information security policies are becoming the industry norm.
  • There is significant lack of direction around how to address responsibility for client losses due to breaches.
  • Many firms utilize external standards to set up their cybersecurity framework.
  • While many firms have themselves conducted risk assessments, very few require that their vendors conduct one.
  • The majority of firms have experienced issues due to fraudulent emails but few have reported these issues to law enforcement or regulators.
  • Many firms are beginning to employ the use security technologies including encryption, asset management and information sharing tools.

For more details regarding this examination view the full report.

Want to start preparing your business? Start with our SecurITy Checklist to see where your business could use some help!

Read More

Topics: Regulations