Government weighs in on cyber costs

As cyberattacks continue to rise, the federal government is contemplating whether it should step in to help private insurance companies cover some of the costs related to severe cyber incidents.

The Treasury Department and Cybersecurity and Infrastructure Security Agency (CISA) recently asked stakeholders in the industry to weigh in on whether there’s a need for a federal insurance response to “catastrophic” cyber incidents and, if so, how such a program should be implemented.

• This comes as private insurance firms have significantly increased premiums for companies seeking cyber coverage and, in some cases, denied coverage for state-sponsored cyberattacks as their frequency has surged over the past few years.
• Currently, the U.S. government does not have a federally backed cyber insurance program to deal with destructive cyberattacks.
• “I think what you’re seeing is the government sort of thinking about this from their side … if they should be doing more to help companies that are hit and, if so, how should they define what the thresholds are,” said Josephine Wolff, an associate professor of cybersecurity policy at the Tufts University Fletcher School.