The US Treasury Department has issued a request for public comment on a federal cyberinsurance program that would aim to cover the costs associated with severe cyberattacks. The Federal Insurance Office (FIO) and the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) are currently conducting a joint assessment for Congress. Because cyberattacks are occurring at such frequent rates, rates for cyberinsurance coverage have soared, making it difficult for businesses to afford coverage if it is even available. The proposed federal program would focus on critical infrastructure and be used as a backstop.
The cyberinsurance market has grown over the years, with approximately $4 billion in direct premiums written in 2020. However, the frequency and severity of cyberincidents impacting critical infrastructure have also grown. A GAO report citing a 2020 CISA study found that the estimated potential losses from severe cyberincidents ranged from $2.8 billion to $1 trillion per event for the United States.
In the United States, insurance is generally provided through private insurers. However, the federal and state governments have supplemented the private market when private insurers have failed to offer affordable coverage to policyholders. For example, at the federal level, the government offers the National Flood Insurance Program (NFIP). In addition, many states have created residual market funds for policyholders to obtain coverage for natural disasters, malpractice liability, and other damages.
Some topics on which the FIO seeks comment include the following:
Support the originator by clicking the read the rest link below.
