Share on Facebook Share on Twitter Share on Google+ Share on Linkedin In the wake of the high-profile breach of the U.S. Federal Government, WRIN.tv speaks with Adam Hamm about recent developments in cyber risk and cyber security. He is the North Dakota Insurance Commissioner and Chair of the NAIC Cyber Security Task Force, and a speaker at the 31st Annual S&P Insurance Conference in New York. Mr. Hamm reminds us that there is more than one group or country responsible for the cyber attacks that have taken place. He believes everyone is responsible for protecting themselves from the cyber threat. “We need to step up our game, whether it is the business community, regulators… policymakers, or consumers.” Currently, a cyber attack is not specifically covered in TRIA. Congress may add language to TRIA stating that a cyber attack is an ‘Act of Terrorism’, but right now it is an “open question.” According to Mr. Hamm, insurance commissioners are working to make sure that Congress doesn’t preempt States Rights. Mr. Hamm explains that insurance commissioners are responsible for protecting the consumer; Congress is responsible for setting the overall standards with regard to data breaches. The NAIC Cyber Security Task force is putting in place a set of best practices for insurance company examiners, starting in 2016. Whenever an examiner conducts a financial exam of an insurance company, there will be a set of best practices to test for security protocols and processes to protect policyholders. The NAIC Cyber Security Task Force is also putting together a Consumer Bill of Rights. Mr. Hamm says it will set expectations for insurance carriers in case of a breach. It will define what companies should do to respond to a breach and to communicate to consumers. It will also et consumers know what to expect from their carrier. For more of the S&P Insurance Conference visit the WRIN.tv On Demand Library.