2022 Membership

2023 Proposed Charges

1. The Cybersecurity (H) Working Group will:
   
   1. Monitor cybersecurity trends such as vulnerabilities, risk management, governance practices, and breaches with the potential to affect the insurance industry.
   2. Interact with and support state insurance departments responding to insurance industry cybersecurity events.
   3. Promote communication across state insurance departments regarding cybersecurity risks and events.
   4. Oversee the development of a regulatory cybersecurity response guidance document to assist state insurance regulators in the investigation of insurance cyber events.
   5. Monitor federal and international activities on cybersecurity engaging on efforts to manage and evaluate cybersecurity risk.
   6. Coordinate NAIC committee cybersecurity work, including cybersecurity guidance developed by the Market Conduct Examination Guidelines (D) Working Group and the Information Technology (IT) Examination (E) Working Group.
   7. Advise on the development of cybersecurity training for state insurance regulators.
   8. Work with the CIPR to receive updates on cybersecurity research efforts, by the CIPR and others, and to analyze publicly available cybersecurity-related information.
   9. Support the states with implementation efforts related to the adoption of Model #668.

2022 Adopted Charges

The Cybersecurity (H) Working Group will:

1. Monitor cybersecurity trends such as vulnerabilities, risk management, governance practices and breaches with the potential to affect the insurance industry.
2. Interact with and support state insurance departments responding to insurance industry cybersecurity events.
3. Promote communication across state insurance departments regarding cybersecurity risks and events.
4. Oversee the development of a regulatory cybersecurity response guidance document to assist state insurance regulators in the investigation of insurance cyber events.
5. Coordinate NAIC committee cybersecurity work including cybersecurity guidance developed by the Market Conduct Examination Guidelines (D) Working Group and the Information Technology Examination (E) Working Group.
6. Advise on the development of cybersecurity training for state insurance regulators.
7. Work with the Center for Insurance Policy and Research (CIPR) to analyze publicly available cybersecurity related information.
8. Support the states with implementation efforts related to the adoption of Insurance Data Security Model Law (#668).
9. Engage with federal and international supervisors and agencies on efforts to manage and evaluate cybersecurity risk.