2026 Charges
- The Cybersecurity (H) Working Group will:
Cybersecurity Charges
- Monitor cybersecurity trends, such as vulnerabilities, risk management, governance practices, and breaches, that have the potential to affect the insurance industry.
- Facilitate communication across state insurance departments regarding cybersecurity risks and events.
- Develop and maintain regulatory cybersecurity response guidance to assist state insurance regulators in the investigation of national insurance cyber events.
- Monitor federal and international activities on cybersecurity, engaging in efforts to manage and evaluate cybersecurity risk.
- Coordinate NAIC committee cybersecurity work, including cybersecurity guidance developed by the Market Conduct Examination Guidelines (D) Working Group and the Information Technology (IT) Examination (E) Working Group.
- Work with the Center for Insurance Policy and Research (CIPR) to receive updates on cybersecurity research efforts, by the CIPR and others, and to analyze publicly available cybersecurity-related information.
- Support the states with implementation efforts related to the adoption of Model #668, including supporting the research into and, if approved, the implementation of a cybersecurity event notification portal.
- Coordinate with committee support to support cybersecurity preparedness for state insurance regulators, including advising on training development and facilitating tabletop exercises.
Cybersecurity Insurance Charges
- Monitor industry trends pertaining to cyber insurance, including meeting with subject matter experts (SMEs) and evaluating data needs of state insurance regulators. Considerations should include the availability and affordability/pricing of cyber insurance, disclosures, limits and sublimits, as well asd sublimits in policies, policy language and trends in requirements, underwriting practices, and the role of reinsurance in the cyber insurance market.
- Coordinate with NAIC work groups addressing cyber insurance related issues, such as the Casualty Actuarial and Statistical (C) Task Force.
- Monitor federal and international activities related to cyber insurance and financing mechanisms for cyber risk.
- Coordinate with committee support to conduct analysis pursuant to the NAIC’s Cyber Insurance Report.
- Review the NAIC’s Property & Casualty Annual Statement Cybersecurity Insurance Coverage Supplement recommending changes and/or developing reports to supplement data development as necessary.
- Consider and develop a guide for states on cyber insurance data analysis best practices.
Cybersecurity (H) Working Group
Tuesday, March 24, 2026
2:00 PM - 3:00 PM PT
Manchester Grand Hyatt—Grand Hall A—Level 1
Sort by Date
Choose the order in which meetings are listed.
Public Webex Meeting
Wednesday, June 10, 2026
12:30 PM ET, 11:30 AM CT, 10:30 AM MT, 9:30 AM PT
Expected Duration: 1 hour
Webex Link
Purpose: In this session, NetDiligence will present key findings from their 2025 Cyber Claims Study, drawing on more than 10,000 real-world cyber insurance claims from 2020-2024. The presentation will focus on claims frequency, severity, and cost drivers and how those dynamics are evolving across sectors, company sizes, and incident types. The goal is to help regulators reflect on how empirical claims data can complement existing regulatory tools and inform risk-focused supervision of insurers writing cyber coverage, without advocating for specific policy outcomes or regulatory actions.
Public Webex Meeting
Friday, March 13, 2026
12:30 PM ET, 11:30 AM CT, 10:30 AM MT, 9:30 AM PT
Expected Duration: 1 hour
Webex Link
Purpose: Following a Public Review period to allow for written public-comments, the Cybersecurity (H) Working Group will meet to hear and discuss the comments received to complete drafting of the Cybersecurity Event Notification Portal Project Intake Form and move to adopt at or before the Spring National Meeting.
Public Conference Call
Thursday, September 25, 2025
12:00 PM ET, 11:00 AM CT, 10:00 AM MT, 9:00 AM PT
Expected Duration: 1 hour
Webex Link
The Working Group will solicit and discuss member & stakeholder feedback on two key documents central to advancing consistent and effective cybersecurity regulation. These materials outline a framework for reducing duplicative and redundant compliance efforts across departments, emphasize the importance of interdepartmental communication, and propose a standardized approach to gap analysis.
Public Webex Meeting
Tuesday, July 15, 2025
2:00 PM ET, 1:00 PM CT, 12:00 PM MT, 11:00 AM PT
Expected Duration: 1 hour
Webex Link
Purpose: In light of recent insurance organization incidents and apparent targeting by the Scattered Spider group, Coalition security experts will deliver a 40-minute, insurance-focused threat briefing. Drawing on security and threat intelligence, the speaker will outline threat trends relevant to our sector, detail what is known of Scattered Spider’s modus operandi, and discuss practical mitigations. The briefing will focus on concrete, actionable insights for both technical and nontechnical audiences and include time for Q&A.
Insurance Topics
Our improved resource can help you navigate committee-curated topics for a comprehensive understanding.
ExploreLegislative Tracking - Model #668
State Adoption Map Model #668 - Insurance Data Security Model Law
Contacts
Media Inquiries
(816) 783-8909
news@naic.org
Koty Henry
Cybersecurity Policy Advisor, P&C Regulatory Services
816-783-8379
Miguel Romero
Director, P&C Regulatory Services
816-783-8479
Please see the current Committee List for a complete list of committee members.