Bermuda Reinsurance Magazine posted an article on December 28, 2018, about Bermuda Monetary Authority (BMA) cyber security report highlights concerns. Below are some key highlights:
- The Bermuda Monetary Authority has issued a new report looking at the state of cybersecurity in the market at the moment.
- The BMA report said that a number of areas have been identified as still needing significant enhancements across the Bermuda Commercial Insurer market.
- It is important to ensure that contracts with suppliers and third-party partners are structured in a manner that is consistent with theinsurer’s cybersecurity policies.
- The vast majority of Commercial Insurers indicated that staff are provided with ongoing cybersecurity and data privacy training; the effectiveness of the training, including social engineering and penetration testing, and tracking, was assessed as generally being inadequate.
- A wide range of globally recognised cyber security standards or practices have been adopted by a number of Commercial Insurers, but a fit for purpose framework needs to be more broadly adopted by the wider market, for example NIST or Cobit.
Reference(s):