For optimal functionality and an enhanced user experience, the following browsers are recommended when using aiadc.org: Chrome (version 4x), Mozilla Firefox (version 3x) or Internet Explorer (IE) versions 9, 10 & 11. Some of our site’s features may not function as you might expect if you are using an older browser (IE7 or IE8).

Cyber Security Public Issue Page

 icon-cmun.png

Cyber Security

Cybersecurity remains a top concern for businesses and a top policy priority for state, federal, and international governments as cyber-attacks continue to grow in sophistication, persistence, and severity.  The property and casualty insurance industry is uniquely positioned to be part of the conversation as both businesses that continually adapt data security protocols to achieve greater cyber resilience and as businesses that offer a risk transfer tool through the cyber insurance product.  AIA is proactively involved in the conversation at every level of government to ensure flexible risk-based requirements and to avoid regulatory impediments to the growth of the cyber insurance market. 

Corporate Data Security

Various industries, to include financial institutions, have long been subject to state and federal requirements to safeguard customer information.  In recent years as media accounts of data breaches become more prevalent federal and state governments have become engaged in a number of initiatives to encourage companies to increase their cybersecurity postures.  For example,Executive Order 13636 was issued on February 12, 2013 directing the National Institute of Standards and Technology (NIST) to develop the voluntary Cybersecurity Framework ; the “Cybersecurity Information Sharing Act” was signed into law in December of 2015; and In February of 2016, the Executive branch outlined its Cybersecurity National Action Plan to include the creation of the Commission on Enhancing National Cybersecurity.      

Further, at the state level, we continue to see amendments to state data breach notification and data security standard laws.  Of particular interest to the insurance industry, the National Association of Insurance Commissioners (NAIC) is the developing an insurance specific model law to bring uniformity to data standards and breach notification.  AIA will be actively involved in the development of this model and the uniform adoption necessary in all jurisdictions.  AIA strongly supports uniform standards and uniform enforcement.  

The property and casualty insurance industry is uniquely positioned to be part of the conversation as both businesses that continually adapt data security protocols to achieve greater cyber resilience and as businesses that offer a risk transfer tool through the cyber insurance product.  

Cybersecurity Insurance

Cybersecurity insurance is a valuable risk transfer mechanism that can also be a useful tool to help businesses think through their own risk analysis.  As such, there is a great deal of interest from government in this product and the challenges to its growth to include aggregation concerns and a lack of actuarial data.  AIA is actively engaged as an innovative thought leader to ensure that regulatory activity does not stifle innovation and responsible growth in this evolving market.