Quite a bit of uncertainty remains about how to share the responsibilities and liabilities associated with state-sponsored cyberattacks. Should states and the federal government play a role in defending against such attacks? How much liability should they take on, if any?
“When it comes to liability for state-sponsored hacks on financial institutions, neither the government nor banks knows quite where responsibility lies. The general issue of who’s in charge, who’s responsible, has not been clear for 15 years.” said Jeff Schmidt, chief executive and founder of JAS Global Advisors. Schmidt noted that the financial sector is especially at risk because they often bear the brunt of state-sponsored cyberattacks.
One of the most pressing issues today is determining who must pay for the losses and damages resulting from an attack – historically, the responsibility has landed on the businesses. Schmidt argues that the financial sector has begun to favor a government backstop similar to the one set up after 9/11 through the Terrorism Risk Insurance Act. He believes that such an idea may make sense.