Cyber Security Plan Services
Cyber security and data breach have become a major concern for insurance agencies across the country. States such as New York and South Carolina have implemented legislation which requires that insurance agencies comply with data security requirements. North Carolina is currently considering additional data security legislation.
Click here to view a 45-minute webinar in which IIANC’s Technology Consultant George Robertson goes through the recent updates and changes to state, federal, and industry regulations that require agencies to have written information security plans (WISPs).
IIANC’s Technology Consultant, George Robertson, can assist agencies with the development of a written information security plan (WISP) compliant with current State/Federal regulations, education of staff, and implementation of strategies and procedures to protect your agency from data breach.
Multiple Options Include:
Full Service WISP Development
Onsite assistance to help evaluate your business security, implement, and create a written information security plan (WISP). Agency will receive the “Cyber Security Risk Mitigation Assessment Document” for their review with their team and IT personnel. An onsite meeting will be scheduled to review and complete the Risk Mitigation Assessment with management and IT personnel. This review will cover Technical, Physical and Administrative security areas and note any needed Action Plans to be completed. Management and agency staff will be interviewed to determine specific areas for acquiring and storing Personal Identifiable Information (PII) as well as current procedures. At the end of the first onsite session, management will be briefed on the findings and any recommended preventative measures to be taken to secure PII.
Next, a draft copy of the WISP will be developed and delivered to management for their review. After management has had time to review the WISP, a conference call will be setup to address any needed changes. Once the WISP is completed, a second onsite meeting will be conducted to review the WISP with staff and train them on cyber security measures.
Fee: $3,000 + Reasonable travel expenses
Online DIY WISP Development
Understand how to evaluate your business security, implement, and create a written security plan. Over the course of 12 online sessions delivered over 3 month period, you will understand the different aspects of securing Personal Identifiable Information (PII) and creating a plan to protect PII. At the end of the DIY online course, you will have developed a written information security plan (WISP) for your agency and understand the different aspects for securing your client’s information. In addition, your staff will receive training on the WISP along with ways to help prevent a potential cyber-breach. Includes up to 30 minutes of personalized phone consultative time after each session for each participating agency to ask any questions to IIANC Consultant George Robertson.
Fee: $300 billed monthly for 3 months ($900 total cost)
IIANC members can take advantage of the many resources developed by the Agents Council for Technology (ACT) for a free Cyber Security Guide and Cyber Security Plan template which includes information on how you can develop your own agency written information security plan. To learn more visit ACT Agency Cyber 2.0
George Robertson, CISR
IIANC Technology Consultant
George Robertson has over 25 years of experience in the insurance and technology industry, with 12 of those as a fellow independent agency owner. This means he knows first-hand the challenges you face when trying to improve revenue and more efficiently use staff and agency management systems. His knowledge of insurance automation comes from years of study and working for some of the leading automation vendors in the industry as well as other leading technology providers. George is also well-versed in the latest social media tools and website advances and can help you implement those into your agency’s marketing efforts. George is a member of the IIABA Agents Council for Technology (ACT) Steering Committee and speaks around the country for industry associations and user groups on technology related issues.