Requirements on cyber hygiene for insurers and insurance agents.
This notice applies to
(a) all licensed insurers; and
(b) all insurance agents except for any of the following persons –
(i) an individual; and
(ii) a person exempted from holding a financial adviser’s licence under section 23(1)(f) of the Financial Advisers Act (Cap. 110); and
(iii) such persons or class of persons as may be exempted from section 6(1) of the Financial Advisers Act (Cap. 110), under section 100(1) or (2) of the Financial Advisers Act (Cap. 110).
It sets out cyber security requirements on securing administrative accounts, applying security patching, establishing baseline security standards, deploying network security devices, implementing anti-malware measures and strengthening user authentication.