Cyber Month: Insurance Data Security Laws

The Rundown

In our final Cybersecurity Month session, Ryan Smith of RLS Consulting warned the insurance industry: don’t confuse compliance with actual security.

The Context

• Ryan Smith broke down the tangled web of federal (HIPAA, Gramm-Leach-Bliley) and state-specific data security laws.
• He pushed for using cybersecurity frameworks like CIS and NIST as guides, not just legal checklists.
• Key strategies: conduct risk assessments, build incident response plans, and document everything.

Why it Matters

Insurance firms sit on a goldmine of sensitive data — and hackers know it. Being “compliant” won’t stop breaches if your security game is weak. Proactive measures + legal awareness = your best defense in an evolving threat landscape.

Watch now to learn how to move beyond compliance and build real cybersecurity for your insurance business.