This week the Government Accounting Office published a report looking at potential responses to address the financial fallout from a catastrophic cyberattack on critical infrastructure. It concludes that there are some major shortcomings in current insurance programs. It recommends that DHS and the Treasury Department take a concerted look at the situation and come up with potential program suggestions.
Specifically, the report notes (pg 1):
“Cyber insurance and the Terrorism Risk Insurance Program (TRIP)—the government backstop for losses from terrorism—are both limited in their ability to cover potentially catastrophic losses from systemic cyberattacks. Cyber insurance can offset costs from some of the most common cyber risks, such as data breaches and ransomware. However, private insurers have been taking steps to limit their potential losses from systemic cyber events. For example, insurers are excluding coverage for losses from cyber warfare and infrastructure outages. TRIP covers losses from cyberattacks if they are considered terrorism, among other requirements. However, cyberattacks may not meet the program’s criteria to be certified as terrorism, even if they resulted in catastrophic loss.”
No comments:
Post a Comment