Even if your company does not report to the New York Department of Financial Services (DFS), all insurers should heed warning to prepare for future cyber risk regulations and requirements. Cyber risk is real and has the potential to be catastrophic, if not sufficiently identified and addressed.
On February 4, 2021, DFS issued a letter to all authorized property and casualty insurers in a renewed effort to address increasing cyber risk for all organizations. The letter notes that the “COVID-19 pandemic has shifted more of our work and lives online, and this shift has introduced new vulnerabilities that cybercriminals are aggressively exploiting.” In response, DFS has created a Cyber Insurance Risk Framework after consultation with industry representatives, cybersecurity experts and other stakeholders to address new and significant emerging systemic cyber risks, such as the hack of SolarWinds Orion Platform. The hack of SolarWinds disclosed a massive cyber vulnerability that continues to unfold in terms of the extent to which data security has been compromised in critical U.S. government agencies as well as multi-national companies, U.S. businesses and other…