Do as I say...

September 01, 2005, 1:00 a.m. EDT 1 Min Read

The U.S. Securities and Exchange Commission (SEC) failed to implement the same controls it monitors in public insurance corporations for Sarbanes-Oxley compliance, according to the IT Compliance Institute, an online information technology compliance site. The SEC isn't subject to SOX, HIPAA, or GLB, but it is accountable to the Federal Information Security Management Act. Under this law, the SEC has annually reported on its information security since 2002.The report, released by the Government Accountability Office, noted the following vulnerabilities: Ineffective electronic access controls of user accounts and passwords, access rights and permissions; network vulnerability to improper access, through both network architecture and direct physical access to unlocked wiring closets; spotty policies and procedures for key control areas and general support systems; and an inability to assess security risks or identify anomalous or suspicious network activities for review.

For reprint and licensing requests for this article, click here.

TRENDING

Insurance

Unleashing the future of insurance: Integrating SDK into health coverage

SDK integration can simplify and revolutionize digital offerings for health insurers.

By Gary Coffey

April 25
Insurtech 2.0

Meet the insurtech: Earnix

The insurtech discusses its multi-line solutions and ethics of AI.

By Grace Crane

April 25
California

Allstate will insure California homes again, under one condition

Allstate Corp. will end its years-long pause on underwriting in California as soon as the state regulator adopts proposed regulatory changes to make it easier for insurers to raise rates, according to a company spokesperson.

By Nadia Lopez

April 25

Event Archives: On-demand access to insightful sessions with thought leaders

Watch this collection of the most notable sessions from our recent events. Learn from the industry’s top minds as they tackle the critical issues facing our community.

MORE FROM DIGITAL INSURANCE

Unleashing the future of insurance: Integrating SDK into health coverage

SDK integration can simplify and revolutionize digital offerings for health insurers.

April 25

Gary Coffey

Spectrum.Life
Insurtech 2.0

Meet the insurtech: Earnix

The insurtech discusses its multi-line solutions and ethics of AI.

By Grace Crane

April 25
California

Allstate will insure California homes again, under one condition

Allstate Corp. will end its years-long pause on underwriting in California as soon as the state regulator adopts proposed regulatory changes to make it easier for insurers to raise rates, according to a company spokesperson.

By Nadia Lopez

April 25
Climate change

Insurers group targeted by anti-ESG campaign is being replaced

The Net Zero Insurance Alliance will instead be replaced by the Forum for Insurance Transition to Net Zero (FIT), convened and led by the United Nations Environment Programme, according to a statement on Thursday.

By Alastair Marsh

April 25
Community banking

Insurance deal too rich for Trustmark to pass up, CEO says

The Jackson, Mississippi, company will use proceeds from the sale of its Fisher Brown Bottrell Insurance unit to restructure its investment portfolio, moving $1.6 billion of low-yield securities off the balance sheet.

By John Reosti

April 24
Attracting and Retaining Talent

Argo Group centers innovation in talent acquisition

The specialty insurer is changing up its requirements for some positions, about one-third of jobs don't require a four-year college degree.

By Kaitlyn Mattson

April 24