Preview Mode Links will not work in preview mode

Aug 14, 2018

Howard W. Greene is the Director of Strategic Initiatives at Excess Line Association of New York (ELANY), a non-profit industry advisory association. Theodore P. Augustinos is a Managing Partner at Locke Lord LLP, a full-service law firm that is recognized for its solid reputation in complex litigation, regulatory, and transactional work. David Burgeson is the Chief Operating Officer at Renaissance Systems Inc., a nationwide provider of compliance-based IT services, programming, big data analytics, and security solutions.

Howard, Theodore, and David join us to discuss the topic of cybersecurity in the insurance industry. They share their wisdom regarding compliance, regulations, and how a company should respond to a cybersecurity threat and describe how their companies guarantee data security of third-party apps. They also explain how they dispose of data properly and share tips on how to strengthen a company’s cybersecurity in accordance with the new regulations.

“Most of the data breaches aren't from the third world, but internally.” - David Burgeson

Today on Spot On Insurance:

  • Where the insurance industry currently stands on cybersecurity regulations?
  • Who are the covered entities under the regulations?
  • What is Section 500.06 all about and what it requires.
  • How brokers detect and respond to cybersecurity events.
  • How long companies should retain records.
  • How companies can test the security of third-party apps.
  • How often companies should review their testing procedures.
  • What counts as secured disposal of data?
  • The type of data you can't dispose of easily.
  • The kind of policies and procedures brokers can reasonably implement.
  • Why encryption is a non-option for data security.
  • How insurance departments protect data submitted to them.
  • Their advice to those wanting to enter the insurance industry.

Key Takeaways:

  • Make security and compliance a part of the culture and operations of your organization.
  • You need to have some level of control that would reveal whether employees or other unauthorized users may be improperly accessing, using, or tampering with data.
  • As you’re deploying new technologies, it's important to design data mapping and disposal for your facilities.
  • You need to have procedures for evaluating, assessing, or testing the security of apps.

Connect with Howard Greene:

  • Email:
  • Phone: 646-292-5591

Connect with Theodore Augustinos:

  • Locke Lord
  • Email:
  • Phone: 860-541-7710

Connect with David Burgeson:

This episode was brought to you by…..

Insurance Licensing Services of America (ILSA), America’s Premier Insurance Compliance and Licensing experts. To learn more about ILSA and their services, visit

Connect, Learn, Share

Thank you for joining us on this week’s episode of Spot On Insurance. For more resources and episodes, visit Subscribe so you never miss an episode. Love what you’re learning, Spot Light your review on iTunes and share your favorite episodes with friends and colleagues!