The U.S. Securities and Exchange Commission (SEC) failed to implement the same controls it monitors in public insurance corporations for Sarbanes-Oxley compliance, according to the IT Compliance Institute, an online information technology compliance site. The SEC isn't subject to SOX, HIPAA, or GLB, but it is accountable to the Federal Information Security Management Act. Under this law, the SEC has annually reported on its information security since 2002.The report, released by the Government Accountability Office, noted the following vulnerabilities: Ineffective electronic access controls of user accounts and passwords, access rights and permissions; network vulnerability to improper access, through both network architecture and direct physical access to unlocked wiring closets; spotty policies and procedures for key control areas and general support systems; and an inability to assess security risks or identify anomalous or suspicious network activities for review.
-
SDK integration can simplify and revolutionize digital offerings for health insurers.
April 25Spectrum.Life -
The insurtech discusses its multi-line solutions and ethics of AI.
April 25 -
Allstate Corp. will end its years-long pause on underwriting in California as soon as the state regulator adopts proposed regulatory changes to make it easier for insurers to raise rates, according to a company spokesperson.
April 25 -
The Net Zero Insurance Alliance will instead be replaced by the Forum for Insurance Transition to Net Zero (FIT), convened and led by the United Nations Environment Programme, according to a statement on Thursday.
April 25 -
The Jackson, Mississippi, company will use proceeds from the sale of its Fisher Brown Bottrell Insurance unit to restructure its investment portfolio, moving $1.6 billion of low-yield securities off the balance sheet.
April 24 -
The specialty insurer is changing up its requirements for some positions, about one-third of jobs don't require a four-year college degree.
April 24