NAIC Planning to Require Cybersecurity Insurance Data Submission

The NAIC’s Cybersecurity Task Force and Property and Casualty Insurance Committee are jointly weighing whether to add a required cybersecurity insurance coverage supplement to the already required Property and Casualty Annual Statement.  The supplement, which would be due April 1 annually, would be required of every reporting carrier writing a stand along cybersecurity insurance policy or including such coverage in a commercial multi-peril package policy.

According to the NAIC, the idea behind requiring the additional report is to gain a better understanding of the cyber security insurance market, including what carriers are dominating the market, how much premium is being collected, and the amount and nature of the claims being submitted.  The Task Force is also in the process of finalizing its “Principles for Effective Cybersecurity Insurance Regulatory Guidelines,” for which the comment period was just concluded on April 10, 2015.

The latest draft of the proposed supplement and the proposed Guidelines can be found here (beginning on page 11), was discussed at the Spring 2015 NAIC meetings and is expected to gain the Cybersecurity Task Force and P&C Committee’s approval quickly.