For this Regulatory Brief, AAIS sat down with Kathleen Birrane, Insurance Commissioner from the Maryland Department of Insurance, to discuss issues related to the cyber risk and insurance market.

Birrane says there are two parts to the cyber security issues. ”The first part has to do with the affordability and availability of insurance to cover cyber risks that businesses, companies and individuals have….A part of the reason the market has been tightening and costs have gone up is the number of incidents... ransomware."

According to Birrane, market hardening and reinsurers tightening up is not always a bad thing. She said, "It is driving (better) underwriting. Companies are much more precise, much more thorough in their underwriting...(and) they are enforcing, encouraging risk mitigation. That risk mitigation activity is what is best for the market."

Touching on the NAIC's "H" Committee, Birrane shared, "We have done a tremendous job at the NAIC with the Information Data Security Act. It has been adopted in 22 states, and it looks like it will be adopted in several more this year. The "H" Committee is focused on bringing along regulator tools to ensure when we get information about incidents that we are able to address them appropriately."

The "H" Committee has various working groups working on issues like privacy protection, cyber security, e-commerce, and big data/AI.

To view the full interview with Kathleen Birrane, please click the video above.