Beazley highlights global cyber regulatory changes

The Portuguese Insurance and Pension Funds Supervisory Authority has recently declared that insurance contracts indemnifying the ransom payment associated with cybercrimes are not legally permissible, due to violation of Portuguese civil law, according to a cyber regulatory update from Beazley.

The update details regulatory changes affecting cyber across the globe. In the update, Beazley notes that Australia will be implementing mandatory reporting requirements for ransomware, with the government keen to understand which organisations are being targeted because ransomware costs the Australian economy up to AU$3bn ($1.9bn) in annual damages.

Beazley says that France has also implemented mandatory reporting requirements, but only for cybersecurity incidents covered by a cyber policy, with the law requiring insureds to file a complaint within 72 hours of becoming aware of a system compromise.

In the US, under the SEC’s new cybersecurity disclosure rule, public companies must now disclose the existence of key details surrounding a cybersecurity incident within four business days of determining the incident is material, said Beazley.

It added that the FBI has announced that it will increase the number of agents deployed to American embassies to focus on cyber-related crime, designed to improve the FBI’s efforts to combat international cybercrime.

Back to top button