The Source for Cyber Insurance News, Insights and Data
Government regulations impacting cyber security and cyber insurance.
We’ve reported that insurance giant Aflac filed an SEC 8-K form in June to disclose that a hacker had used “social engineering” to gain “unauthorized access to its network.” Interestingly, at least for cyber insurance nerds such as us, Aflac did not file an “Item 1.05” 8-K for a “material” cyber event, but rather an … Read more
We’ve long covered the SEC’s regulation requiring public companies to disclose serious cybersecurity incidents in an 8-K filing. See several updates and the text of the cyber disclosure regulation here. A common theme since the rules were released in 2023 has been confusion about when cybersecurity 8-Ks must be filed. The rules seem straightforward on … Read more
Insurance giant Aflac will report its Q2 financial results on August 5th. Although its press release is silent on the topic, it seems likely the company cannot duck providing more detail on the cyber event 8-K it filed with the SEC last month disclosing “unauthorized access to its network.” The company has blamed the penetration … Read more
Weeks after New York State announced new cyber regulations, the state’s Attorney General Letitia James has filed suit over breaches suffered by car insurer National General, now owned by Allstate Insurance. “Emboldened Hackers” “National General’s weak cybersecurity emboldened hackers to steal New Yorkers’ personal data, not once but twice in two separate cyberattacks,” said James … Read more
The Securities and Exchange Commission (SEC) has created a new cyber unit, no doubt raising questions for cyber insurers about the potential impact of the changes on their liability, including from SEC cyber regulations involving disclosure of cyber attacks. Called the Cyber and Emerging Technologies Unit (CETU), it’s been formed “to focus on combatting cyber-related … Read more