State insurance lawmakers not planning cyber model legislation

By Erin Ayers on July 18, 2014

ncoil_gf_logo_smThe National Conference of Insurance Legislators (NCOIL) closely watches federal legislative activity on cybersecurity issues, but has no plans currently to draft a resolution or model legislation, even while much of the insurance industry offers cyber coverage.

During the group’s summer meeting in Boston, members of NCOIL’s Financial Products Committee learned of moves made in Congress regarding cybersecurity. There is an emphasis on information sharing and diminishing the fear of organizations that they could be sued for revealing cybersecurity threats.

There is also a focus on offering incentives to organizations for buying cyber insurance, NCOIL members heard from the group’s Industry Education Council. While this is much support for the existing efforts at boosting detection and deterrents, it is clearly a wide-reaching problem for which Congress has been unable or unwilling to work on with a comprehensive bill package.

NCOIL is likely to follow the efforts, rather than take any group action, according to Rhode Island state Rep. Brian Patrick Kennedy.

“NCOIL has not adopted a resolution or discussed creating a model on the issue of cybersecurity and data breach issues,” Kennedy told Advisen in an email. “We are aware of the problems that are occurring on a nearly daily basis, however, we are still discussing whether this is an issue that we should be creating a model for or whether it is better for each State and the Federal government to adopt their own best practices and standards for addressing cybersecurity and data breaches. We have previously heard from the American Bankers Association representative that this is going to become a greater issue as more sophisticated hackers as well as foreign governments attempt to get past security software, however, whether this is something that NCOIL can address in a model format remains a question at this time.”

During the meeting, lawmakers acknowledged the specialized nature of cyber insurance as well as its significant role in safeguarding all the personal and sensitive data held by governments and organizations.

“It’s not like some of the commercials where there’s a box marked cyber and you can buy it off the shelf,” said Kennedy.

erin.ayers@zywave.com'

Erin is the managing editor of Advisen’s Front Page News. She has been covering property-casualty insurance since 2000. Previously, Erin served as editor-in-chief of The Standard, New England’s Insurance Weekly. Erin is based in Boston, Mass. Contact Erin at [email protected].