The U.S. Treasury Department is seeking feedback from industry about whether it should take steps to support the cyber insurance market.
In a request for information published on Sept. 29, the department said it is looking for views on existential risks to the marketplace and policy measures that could help address such risks.
Policy measures include the creation of a backstop program for cyber insurance risk akin to the Terrorism Risk Insurance Program, which was created after 9/11 to allow Wall Street to continue to offer property insurance policies that include coverage for damage caused by acts of terrorism.
The creation of a backstop program would entail the Treasury taking risk off insurance companies’ balance sheets to support the market. It could give the federal government greater access to insurers’ claims data including for ransomware attacks.
Treasury’s RFI comes amid continued discussions across industry and government over how the cyber liability insurance market would respond to a systemic threat such as a major cyberattack from a nation-state that affects almost every area of the economy.
The department will collect evidence from industry through the Federal Insurance Office, which is a sub-agency that advises Treasury and other government agencies on matters relating to insurance and reinsurance.
“In order to inform the FIO’s future work and the joint assessment, FIO is seeking comments from the public on questions related to cyber insurance and catastrophic cyber incidents,” Treasury said in its RFI.
Last month, Lloyd’s of London, which is a specialist insurance marketplace that provides cyber insurance policies to companies around the world, introduced an exclusion that means its cyber coverage will no longer extend to cyber claims arising from acts of war or cyberattacks launched by nation-states.
The volume of cyber premiums written by insurance companies increased by 75% year-on-year to $4.8 billion in 2021, according to ratings agency A.M. Best. In a June report, the agency noted that the number of reported claims in the U.S. cyber market had swelled to nearly 26,000 during 2021, up from 22,000 in the prior year, and about 6,000 in 2016.