GAO urges CISA, Treasury Dept. to analyze critical infrastructure attacks to determine need for federal insurance program

A new report from the Government Accountability Office directs CISA and the Treasury Department’s Federal Insurance Office to conduct an analysis for Congress of attacks on critical infrastructure in an effort to determine whether creating federal cyber insurance protection is “warranted.”

“Cyber insurance and [Treasury’s] Terrorism Risk Insurance Program (TRIP)--the government backstop for losses from terrorism--are both limited in their ability to cover potentially catastrophic losses from systemic cyberattacks. Cyber insurance can offset costs from some of the most common...