Ari Schwartz, cybersecurity director at the National Security Council, forecasts that insurance policies designed to protect organizations against losses from cyber attacks would be a necessity by 2020, Nextgov reported Monday.
“We’re going to be well on our way to everyone having cyber insurance as just a basic set of insurance, just like property insurance,” Schwartz told a Nextgov-hosted forum Monday.
Aliya Sternstein writes Schwartz observed that the market for cyberinsurance is growing but the demand for such coverage still exceeds supply.
He said insurers could not offer a cyber-risk policy because there was no actuarial data to help them determine how it should work and what the costs should be, according to Sternstein’s article.
Sternstein reports the government and the energy sector collaborated to develop the Electricity Subsector Cybersecurity Capability Maturity Model, which serves as a tool for utilities to assess and improve their security posture.
“You have different industries now building these and the insurance companies are looking at what those industries are doing and are able to provide insurance much more easily for those sectors that have maturity models,” Schwartz added, according to Nextgov.
“That’s a really positive sign,” he added.