I began the year by writing two posts about the challenges and opportunities presented to insurance agents and agencies by cyber security issues. During the last week of February, I attended a webinar that focused on what agents and agencies should be doing to protect themselves. (Click here for a link to that presentation.) Next week, on March 16 at 2 p.m., Steve Anderson will be giving another webinar devoted to that topic. (Click here for a link to register for that webinar.) Those who have been following my blog this year will recognize his name, as he is a nationally recognized expert in the use of technology by the insurance industry. I wrote a couple of posts last month about a presentation that he made at a conference I attended on the use of social media in an agency’s marketing efforts.
It seems that cyber security will be the hot topic of 2016. It is something that cannot be ignored by agents and agencies any longer. If the practical reasons for paying attention to it that I explored in by blog posts earlier this year are not enough to motivate agents and agencies, the National Association of Insurance Commissioners (“NAIC”) is doing what it can to make sure that you have no choice. It has proposed 12 principles for consideration by state insurance commissioners in enacting regulations that will govern what insurance agents and agencies, as well as others in the industry, must do to protect the data they collect. Among these principles is a mandate that they have systems in place to alert consumers in a timely manner if there is a cyber security breach and that a minimum set of cyber security standards be enacted for all who are physically connected to the Internet and/or other public data networks, regardless of the size and scope of their operations.
The regulations are coming, so it makes sense for agents and agencies to get ahead of the curve and be ready for them. One way to begin the process is by reviewing the webinar I attended and signing up for Mr. Anderson’s webinar next week. Both of those will give agents and agencies the knowledge needed to create and implement appropriate cyber security policies and practices.