The House Homeland Security Committee’s Cybersecurity, Infrastructure Protection, and Security Technologies Subcommittee met on Tuesday to discuss the role insurance can play in cyber risk management. The Chairman of the subcommittee, Rep. John Ratcliffe (R-TX), explained that while the cyber insurance market is in its infancy, the potential is vast, and shopping for and purchasing cyber insurance can help firms evaluate their cyber risks. The official statements from the witnesses can be found here.
Witnesses discussed the growth of the cyber insurance market and what state insurance commissioners, the private sector and the federal government are doing to encourage more cyber risk management. Chairman Ratcliffe emphasized, and other Members agreed, that legislators should facilitate, but not mandate, private sector solutions and the maturation of the cyber insurance market. Tom Finan, Chief Strategy Officer at Ark Network Security Solutions and former Senior Cybersecurity Strategist and Counsel at DHS, said that cyber insurance is helping facilitate discussions about cybersecurity among the C-suite and CISOs, because executives understand the value of insurance even if they don’t fully grasp the complexity and severity of cyber risk. All Members of the committee and witnesses agreed that the cyber insurance market must be allowed to grow and mature at its own pace, but that the potential for cyber insurance to encourage greater cyber risk management and resilience is great.