Sasha Romanosky writes in U.S. News that insurance companies are squandering their opportunity “to play a critical role in informing corporations about effective security controls, monitoring the use of those controls, and therefore help reduce the probability and magnitude of data breaches and other security incidents.”
Romanosky wants to encourage the cyber insurance industry to “step up and use the beautiful data it has to help shape and improve the security posture of its clients.” She argues that, “everyone will benefit. Corporations will learn to identify which security controls really matter in preventing and reducing breaches; consumers will suffer fewer losses from breaches; insurance carriers will continue to profit when their insureds invest in the right controls; and, policymakers will see industries overall become more secure.”