October is Cybersecurity Awareness Month – Be cyber safe

Cyber threats present a continuous and growing risk, particularly with the increased use of technology in conducting insurance business activities. Licensees should review their current cybersecurity practices, implement measures to prevent cybersecurity incidents and be ready to respond to them should an incident occur. Licensees have a duty to safeguard clients' personal information and to determine the appropriate safeguards necessary to meet their duty.

In recognition of Cybersecurity Awareness Month, the Insurance Council has curated some helpful resources to assist you in learning more and being cybersecurity-ready.

• The Government of Canada’s

  Get Cyber Safe

  is dedicated to helping Canadians learn about cybersecurity and the simple steps you can take to protect yourself online. This year’s theme is Generation Cyber Safe: Because online security knows no age.

  The five-week campaign highlights each generation’s unique cybersecurity strengths and shares easy to implement best practices with tips on how to maintain them throughout the year. Find more resources, tips and blogs on their website to help you learn how to secure your accounts, your devices and your connections.

• Cyber Savvy Canada

  created by the Insurance Bureau of Canada (IBC) helps increase cyber awareness among Canadian employees and businesses and educate on the simple steps to take to reduce cyber risk at work. This site shares steps business owners can take to reduce their risk of a cyber attack or data breach, along with an assessment about the cybersecurity protocols that cyber insurers may want potential insureds to have when they consider coverage for cyber risks along with providing other cyber resources and information.

• BC’s Office of Information & Privacy Commissioner

  oversees the information and privacy practices of public bodies and private organizations that collect, use or disclose personal information. Their website provides resources such as privacy breach tools, a privacy breach checklist and a guide for private and public organizations.

• The Insurance Council of BC’s

  Licensee Responsibilities

  page includes information about licensee responsibilities for cybersecurity practices and safeguarding client information.

Licensees should review their current cybersecurity practices, implement measures to prevent cybersecurity incidents and be ready to respond to them should an incident occur.

The Insurance Council’s position and requirements on client privacy and confidentiality do not override the requirements under existing legislation, Licensees must also follow the Personal Information Protection Act (PIPA). The Office of the Information and Privacy Commission (OIPC) for British Columbia oversees the information and privacy practices of organizations that collect, use or disclose personal information and can provide resources, tools and guidance.

Canadian Insurance Services Regulatory Organization (CISRO), of which the Insurance Council is a participant, issued a publication and tool in 2023 on Cybersecurity Readiness to support insurance intermediaries in improving cybersecurity practices and safeguarding confidential client information. Licensees are encouraged to familiarize themselves with the practices outlined in CISRO’s publication to achieve and ensure cybersecurity readiness. Some of the key measures noted in the publication include:

• Understanding and complying with the agency's policies and procedures on cybersecurity;

• Reviewing cybersecurity practices and implementing appropriate measures to address or mitigate any identified risks; and

• Establishing a cybersecurity incident response plan to protect client information (see ‘Elements to include in a Cyber Incident Response Plan,’ on page 7 in the publication).

To learn more about licensee responsibilities and requirements, please visit the Licensee Resources page of our website.

If you still have questions, please contact our Practice & Quality Assurance team at practice@insurancecouncilofbc.com or 604-695-2008.