We all know that:
Cyber risks are evolving at an accelerating rate,
Most Insurance Departments now have established in law or by regulation the Data Security Program requirements,
Data Security Programs have to continue to evolve and mature,
The most important internal controls are contained within corporate governance and enterprise risk management.
Does anyone have an example of an insurance commissioner taking an enforcement action under this
?
Comments