Cyber regulations are tightening, with new requirements around HIPAA updates, NAIC Model Law adoption, NYDFS Cybersecurity Regulation (23 NYCRR Part 500), and NIST CSF 2.0. At the same time, AI and third-party dependencies are introducing new exposures. We translate these shifts into direct, practical guidance so boards and executives can focus on the issues that matter most to regulators, rating agencies, and stakeholders.
Subscribe to our cybersecurity insights to gain:
We know your time is valuable. That’s why our content is built to be focused, actionable, and free of fluff—delivered straight to your inbox when it matters most.
Cybersecurity Awareness Month emphasizes that protecting policyholder data against digital threats requires both vigilance and strategy. Explore recent insights that turn today’s insurance cybersecurity challenges into board-level strategies for governance, compliance, and business continuity.
We help insurers strengthen governance, meet regulatory requirements, and protect critical assets from evolving threats. Our services include:
Cybersecurity Risk Assessment
Benchmark your program against frameworks such as NYDFS Cybersecurity Regulation, NIST CSF 2.0, and CIS Top 18 to identify strengths and gaps.
Artificial Intelligence (AI) Risk Assessment
Evaluate AI governance and implementation processes against the NIST AI Risk Management Framework.
Business Resiliency
Assess recovery and continuity planning, testing strategies, and communication protocols, and build a roadmap for future-state maturity.
Third-Party Risk Management Assessment
Review your vendor management program against regulatory requirements, best practices, and emerging risks.
Program Development & Documentation
Design and implement cybersecurity policies and procedures aligned with your business and regulatory obligations.
Compliance Assessment
Evaluate your cybersecurity program’s compliance to confirm whether proper controls are in place to defend against threats and maintain a strong posture. Services include System and Organization Controls (SOC) for Cybersecurity and Report on Compliance (ROC) for NIST 800-171.
You’ll work directly with senior specialists who bring deep regulatory knowledge and decades of insurance and nonprofit experience. They stay engaged from planning through remediation, ensuring complex requirements are translated into practical action.
Kim Mobley
Partner
Greg Daniel
Managing Director
Matt Flynn
Senior Manager
Carly Kanwisher
Senior Manager
Cybersecurity is no longer just an IT issue. It is a test of accountability and organizational continuity. The sooner you act, the sooner you can demonstrate oversight, safeguard stakeholders, and stay ahead of emerging risks, which helps build a stronger cyber-safe culture.
Here’s how we help organizations take the next step: