Insurers' cyber security practices have been a major focus of regulators around the globe this year. In the U.S., the National Association of Insurance Commissioners has convened a
In China, the China Insurance Regulatory Commission issued Draft Insurance IT Rules that require, in part, that insurers doing business in the country purchase "secure and controllable" products, including domestic encryption technologies and local hardware and software.
But
The groups contend that "such provisions would run counter to global information security standards" by excluding foreign companies who provide cybersecurity software, Reuters reported.
"We urge CIRC to avoid the risks associated with exclusive reliance on localized solutions, prescriptive technologies and restrictions on data flows," the lobby group said in the letter. "By excluding foreign technology that may be the most secure, this approach is likely to result in less secure digitalized operations."