In a noteworthy decision on the coverage of data breaches by CGL policies, the United States Court of Appeals for the Fourth Circuit affirmed a lower court's August 2014 holding that Portal Healthcare Solutions LLC is covered under its CGL policies with The Travelers Indemnity Company of America.

On March 2, 2016, the National Association of Insurance Commissioners' Cybersecurity Task Force proposed a comprehensive Model Law that is intended "to establish the exclusive standards for data security and investigation and notification of a breach of data security" for licensed insurance companies.

The National Association of Insurance Commissioners' Executive Committee and Plenary has approved the NAIC Roadmap for Cybersecurity Consumer Protections, formerly the Cybersecurity Bill of Rights.

Following up on its promises to "move forward on regulations strengthening cybersecurity standards for banks' third-party vendors" and to "expand its information technology examination procedures to focus more attention on cybersecurity" the New York State Department of Financial Services issued a letter on November 9, 2015, to the Financial and Banking Information Infrastructure Committee.

Any person or company that wishes to acquire control of a US insurer is required to file an acquisition statement called a "Form A" with the insurance regulatory authority in the state where the target insurer is legally domiciled

Following up on its promise to "integrate regular, targeted assessments of cyber security preparedness at insurance companies as part of [its] examination process," the New York Department of Financial Services ("DFS") issued a letter on March 26, 2015.

On December 10, 2014, the New York Department of Financial Services (NYDFS) issued a letter to banking institutions chartered or licensed in New York notifying them of an expansion of the NYDFS information technology examination procedures to focus on cyber security issues as an integral aspect of risk management.

This is a friendly reminder that the deadline for filing enterprise risk reports is fast approaching in states that require them.

On December 12, 2013, the Federal Insurance Office (FIO) submitted to Congress and released a report entitled, "How to Modernize and Improve the System of Insurance Regulation in the United States."