Skip Ribbon Commands
Skip to main content

Agency Cyber Guide 3.0

Independent insurance agents and brokers must properly collect and protect sensitive client information every day. This means
complying with state and federal regulations as well as adhering to customer service best practice standards, and compliance with Data Privacy Laws as mandated in all Agency/Company contracts.   

 Cyber Tips 3-Part Series

What to Do and How to Do It

ACT has created this short, easy-to-use
"Agency Cyber-Readiness Self-Assessment" to assess the top areas to address

Agency Cyber-Readiness Self-Assessment

Take the Self-Assessment



 “Privacy Provisions of The Gramm-Leach-Bliley Act (GLBA) and Their Impact on Insurance Agents & Brokers”

Download Now

A State Statute, Regulation, Order, or Interpretation is not inconsistent with the provisions of the GLBA if the protection offered by the Statute, Regulation, Order or Interpretation is greater than that offered under the GLBA.  The States are required to implement and enforce the GLBA Privacy Requirements for Insurance Agents, Brokers, and Carriers. 

In 2016, The Big I General Counsel did an in-depth review of the GLB Act and provided significant insights on the data security, carrier contracts and overall information security implications of this mandatory Federal Act. 

 GLBA is the threshold for financial institutions and insurance companies and agencies. State Laws are mandated to comply with GLBA and if the state wishes to make changes, they must exceed what is required under GLBA. 

 These acts and regulations can be difficult to address given the multifaceted responsibilities agents encounter daily, but it is mandatory and must be a priority.

Please review the privacy provisions as detailed in The Gramm-Leach-Bliley ACT to gain insights on their impact to you as an independent agent - 

Particularly the data security requirements and contract implications detailed in Section VI on pages 5 & 6.

The Agents Council for Technology (ACT) in cooperation with our carrier, vendor, and agent/broker members and has created this Agency Cyber Guide for Big I" independent agents and brokers.  This tool includes a list of the major Federal and State regulations with clear descriptions and resources to address each, including detailed information on each vendor/service provider. Given the swift nature of change in technology and the increasing sophistication of cybercrime, this tool will be updated on a periodic basis.

Cyber Guide Resources

A customizable security policy template for your agency.

Learn More

Check out these insights as provided by the Federal Trade Commission (FTC) on GLBA, and more detail on what the provisions and compliance for safeguards mean for our industry. This site also house links to additional GLBA-related resources.

Learn More

The National Association of Insurance Commissioners (NAIC) created a model law for states to review and adopt. This web page lists updates on state progress and additional resources to understand the details of the NAIC Model Law.

Learn More

A review of regulations by the NY DFS. Your company may apply for an exemption depending on how your agency falls within these regulations.

Learn More

The Gramm-Leach-Bliley ACT (GLBA) created far-reaching cyber regulations for agents to comply with. This article created by a law firm specializing in GLBA discusses how insurance agency producer specifically can work to protect their customer’s privacy and sensitive information.

Learn More

 Additional Resources

NY Exemption Filing Information via IIABNY

New cybersecurity rules that every agency and individual must follow laid out by the DFS.

Cybersecurity Vendors and Offerings

A quick guide on how your agency may comply with cyber regulations.

Big I" Cyber Resources

Explore cyber resources presented by the Big “I” for agencies. Including an agency workstation diagnostic tool from Ensure Endpoint Technologies.

A Cybersecurity Checklist for the Small Business

A list of items to act as a guide when checking on your agency's cybersecurity risks.

How to Prevent Cyberattacks: Top Ways to Protect Yourself

Extensive infographic guide developed by Maryville University. Detailed insights and resources on common types of cyberattacks, emerging cybersecurity threats, ways to protect yourself from cyberattacks and more.

CISA - Cybersecurity & Infrastructure Security Agency

US Government website that works with partners to defend against today's threats and build a more secure and resiilient infrastructure for the future. Includes resources for Small and Midsize businesses including a cyber resources roadmap and "Stop.Think.Connect." toolkit.

National Security Agency - Mobile Device Best Practices

Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information

Multi-Factor Authentication Best Practices

Learn about ID Federation and their recommendations for MFA Best Practices.

 Cyber Security Liability Insurance Policies Resources

Do not confuse these with agency security processes detailed in this document prior to this section.

Big 'I' Markets: Cyber Liability Solutions

Big “I” new cyber solution for small businesses.

A Buyer's Guide to Cyber Insurance McGuire/Woods

The different types of cyber insurance on the market.

​127 South Peyton Street
Alexandria VA 22314
​phone: 800.221.7917
fax: 703.683.7556

Follow Us!

​Empowering Trusted Choice®
Independent Insurance Agents.