October 27, 2015
How to Handle a Security Breach as told by NAIC's Cybersecurity Bill of RightsPerspecsys Photos/flickr
By: Sydney Beaudreault
Improving cybersecurity has jumped to the top of many organizations' lists due to this year's increase of security breaches. Industry leaders preach best practices and principles, how to share information securely, and overall guidance for preventative measures. However, data breaches are continuing to happen, leaving consumers at risk.
The NAIC's Cybersecurity Task Force has been proactively responding to the industry's needs. Since its inception, the group has monitored developments and created various best practices around prevention.
But what happens next? What if hackers are able to obtain the data despite preventative actions?
This month, the task force released their most recent document, the Cybersecurity Bill of Rights. The group defines expectations from the financial services industry in the case of a security breach.
Here are a few highlights that you should be aware of:
- Send notice by first-class mail or e-mail in a timely manner (less than 60 days)
- Provide descriptions of the information that was obtained along with actionable steps of protection
- Describe your organization's preventative measures
- Provide at least 1 year of identity theft protection
- Provide contact information for three credit bureaus and for the company/agent involved in the breach
Click here for more detailed information on the Cybersecurity Bill of Rights including helpful links on cybersecurity issues.
Sydney Beaudreault is a Technical Writer – Marketing Specialist for Vertafore's Sircon solution set. Sydney graduated from Michigan State University with a BA in Professional Writing and an emphasis in Public Relations. When Sydney isn't in Vertafore's East Lansing office, you can find her with her dog, Koda, or in the stands cheering on the Spartans.