IA GL20 Compliance Guide: Navigating Cybersecurity for Hong Kong Insurers
TL;DR: What Boards and Senior Executives Need to Know IA GL20 requires insurers to demonstrate cyber resilience, not just technical controls. Compliance is assessed through the Cyber Resilience Assessment Framework (CRAF): IRA, MA, and TIBAS. Most regulatory issues arise from governance gaps, weak risk articulation, and fragmented execution. With clear ownership and leadership oversight, GL20
Read More