Steptoe & Johnson L.L.P. has developed an analysis of the NAIC Principles for Effective Cybersecurity Insurance Regulatory Guidance and a federal cybersecurity legislative update.

According to Steptoe, “[t]he Principles mirror and attempt to codify generally accepted cybersecurity ‘best practices’—they do not attempt to create new standards.” NAIC’s adoption of these Principles is only meant to help guide the development of state cybersecurity policies and may be referenced by states and state insurance regulatory authorities.

Included in the Steptoe analysis is an update on federal cybersecurity legislation including a detailed matrix of all of the information sharing legislation and a detailed matrix of all of the data security and data breach notification bills.

This content is restricted to CIAB members only. A username and password is required.

Leave a Reply

You must be logged in to post a comment.