November 29, 2016
The U.S. federal government has long debated using insurance as a tool to create incentives for better cybersecurity in the private sector, and has tried to prod the insurance industry to offer cyber coverage. Meanwhile, financial firms and industry groups have pushed the federal government to create a backstop for cyber insurance, arguing that the U.S. government is likely to end up footing the bill should a catastrophic cyber incident occur.
When catastrophes have occurred in other areas, Congress has enacted legislation to repair the damage and made efforts to prevent a similar incident from happening again. This pattern played out following 9/11, Hurricane Katrina, and the 2008 financial crisis, to varying degrees. Anticipating a catastrophic event in cyberspace, Rob argues that Congress should put in place a federal backstop for cyber insurance. Doing so would set expectations for the market and, if constructed properly, reduce the likelihood of a catastrophic cyber event by stimulating the adoption of best practices through insurance requirements and creating incentives to participate in programs that reduce risk for everyone connected to the internet.
You can find the full brief here.
Post a Comment
CFR seeks to foster civil and informed discussion of foreign policy issues. Opinions expressed on CFR blogs are solely those of the author or commenter, not of CFR, which takes no institutional positions. All comments must abide by CFR’s guidelines and will be moderated prior to posting.