Cybersecurity Simplified for Insurance Agencies

Introducing EnigmaU

What is the NAIC Insurance Data Security Model Law 668?

In recent years many data breaches involving large insurers have shaken the industry. As a result, the National Association of Insurance Commissioners, partnering with state regulators, worked to create a uniform set of cybersecurity standards, becoming the Insurance Data Security Model Law in 2017. Since 2017, multiple states have adopted this law, while others, like New York, have used this as a basis for their own guidelines.

State Adoption Status of Model Law 668

In the coming years the law will be mandated for all states

What does the NAIC law require?

Core Requirements

Creating and maintaining an Information Security Program 4. Annual reporting for board oversight
Implementing 3rd party tools and controls 5. Implementing 3rd party tools and services
Creating and following a Risk Management Plan 6. Creating an Incident Response Plan

Information is taken from NAIC

Learn More

Cybersecurity Simplified for Insurance Agencies

Introducing EnigmaU

What is the NAIC Insurance Data Security Model Law 668?

What does the NAIC law require?

Core Requirements

EnigmaU Bundles.

Start with the basics and scale as your agency and cybersecurity requirements grow.

Prepare for Compliance with Enigma