The Source for Cyber Insurance News, Insights and Data
While not everybody is yet entirely convinced the feds should provide a backstop to cyber insurers for catastrophic system-wide attacks, Politico reports the discussion is moving forward. “But policymakers and executive branch officials have plenty left to iron out, said (RAND senior policy researcher Sasha) Romanosky (@SashaRomanosky), and they might opt for something far less … Read more
Focus on cybersecurity for the grid was growing even before criminals attacked Washington and North Carolina substations in December. “The Federal Energy Regulatory Commission is considering developing new cybersecurity rules for DERs (Distrubuted Energy Resources) on the bulk electric system and DOE (Department of Energy) is directing millions to support ‘next-generation’ cybersecurity research, development…” “…The … Read more
“Lawmakers also want CISA (Cybersecurity and Infrastructure Security Agency) to report back in 90 days about the feasibility of a public-private ‘cyber insurance and data analysis’ working group and establishing an accreditation program for third-party cybersecurity providers that work with federal agencies, critical infrastructure operators and state and local governments.”
Morley Companies settled for $4.3 million in relation to its August 2021 hack. The company did not report the data theft to the public until early 2022, apparently running further afoul of California and HIPAA regulations. “The Michigan-based third-party vendor provides process outsourcing for a range of U.S. companies, including healthcare. A little more than … Read more
American Property Casualty Insurance Association’s response to the federal government’s request for comment on cyber insurance issues: “We believe it is premature to explore the details of a federal insurance response without conducting a thorough study of the threshold questions raised above to determine where, if at all, such a response is needed. Nevertheless, experience … Read more