Lawmakers must incentivize cyber protection for critical infrastructure
Cyberscoop
|
Contributed by: Drex DeFord
Summary
The increasing digital connectivity in the United States has introduced unprecedented cyber threats to critical infrastructure, posing significant risks to public safety. Federal policymakers are examining how insurance products can bolster cyber risk management, drawing parallels with incentives seen in homeowner and automobile insurance. Standards of care must be established across Operational Technology (OT) sectors to mitigate risks similar to fire or mechanical failures. The emphasis is on implementing mandatory cyber safety engineering standards to ensure resilience in new infrastructure, aided by the $1.2 trillion Infrastructure Investment and Jobs Act. A taxpayer-funded backstop for catastrophic cyber incidents could lead to moral hazard risks, making it crucial to prioritize proactive risk mitigation over risk transfer. Active collaboration among asset owners, engineers, and insurers is essential for effective cyber risk management and continuous improvement. Public policy must focus on avoiding consequences rather than managing post-catastrophe outcomes to protect lives.