By Rebecca Bole, Head of Industry Engagement
The US Treasury today announced (November 17) it has established consensus with the industry that a federal insurance response to cyber cat risk is warranted and will now move into the design of structures.
This represents a huge step toward building societal resilience to extreme systemic cyber attacks by encouraging a sustainable private insurance market while providing clarity around the point at which the government steps in to cover residual losses suffered by businesses and citizens.
Insurance industry movers and shakers joined various government agencies and enterprise representatives at a packed conference, co-hosted by the Federal Insurance Office (FIO) of the US Treasury and NYU Stern’s Volatility and Risk Institute.
The catastrophic loss potential of cyber risk was not in doubt throughout the discussions. All speakers were also in agreement that extreme cyber tail risks could be too big for the private sector balance sheets to shoulder alone. So, the constructive discussion moved swiftly to contemplating the size and shape of a government backstop for catastrophic cyber risk.
It was gratifying to see all the key stakeholders required to move this initiative forward, in the same room: CEOs and C-Suite from the largest carriers and brokers; policyholders representing large and small enterprises managing cyber risk and buying insurance; cyber risk professionals creating and selling insurance policies and industry associations.
CyberCube CEO, Pascal Millaire, moderated a panel that highlighted some of the work we have been doing on quantifying that extreme cyber risk - both insured and uninsured - for the purpose of this discussion.
And from the government, an enormously important alphabet soup including CISA, ONCD, FIO.
The final keynote was delivered by Graham Steele, Assistant Secretary for Financial Institutions, U.S. Department of the Treasury, who announced the next phase of the backstop project:
In early 2024, the government will convene a series of working groups to dive deeper into some of the details, which will be analyzed at an FIO-hosted conference in April 2024.
“Treasury will host an additional conference during the week of April 22 exploring in more detail some specific ideas about what form such a federal insurance response to catastrophic cyber risk, and/or a public-private partnership or other collaborative mechanism, might take. This conference, which FIO will organize, will naturally draw on the expertise of industry and other cyber insurance stakeholders, and will, in effect, serve as the follow-on to today’s event,” Steele said.
CyberCube’s team is looking forward to continuing its work on this initiative, by applying our analytics to quantify one of the major risks facing society today and help build societal resilience to extreme cyber loss events.