OLDWICK, N.J.--(BUSINESS WIRE)--While certain captive insurers and risk retention groups (RRG) will be exempt from meeting New York State’s new cybersecurity requirements, these insurers still need to remain vigilant in their efforts to safeguard against cyber attacks, according to a new A.M. Best briefing.
The Best’s Briefing, titled, “Certain Captive and RRG Exemptions May Apply to New York State Cybersecurity Regulations,” states that the regulation is designed to promote the protection of customer information, as well as the information technology systems, of regulated entities. However, the New York Department of Financial Services has exempted non-domiciliary, or foreign, RRGs from compliance in a recent draft of its cyber regulation.
A.M. Best believes that while certain rated RRGs are exempt from this particular ruling, RRGs and other smaller companies should remain vigilant in their quest to safeguard against cyber attacks. Over the past few years, A.M. Best has been heightening its focus on cyber liability, which is now part of its assessment of a company’s risk management practices. Understanding a company’s vulnerabilities and the safeguards to deal with potential cyber threats is a subset of A.M. Best’s view of a company’s enterprise risk management.
To access the full copy of this briefing, please visit http://www3.ambest.com/bestweek/purchase.asp?record_code=259530.
A previously released briefing containing related commentary on New York’s cybersecurity regulations can be found at http://www3.ambest.com/bestweek/purchase.asp?record_code=258892.
A.M. Best is the world’s oldest and most authoritative insurance rating and information source. For more information, visit www.ambest.com.
Copyright © 2017 by A.M. Best Rating Services, Inc. and/or its subsidiaries.
ALL RIGHTS RESERVED.