TRIP May Not Cover Most Cyberattacks
July 5, 2022
The Government Accountability Office has issued a warning. The government’s Terrorism Risk Insurance Program (TRIP) cover cyberattacks if they can be considered “terrorism,” but “cyberattacks don’t necessarily meet the program’s criteria to be certified as terrorism. Attacks must be “violent or coercive in nature” to be certified, the GAO said. The question of how to label a cyberattack is central to insurability in the private market as well. For example, some of the most egregious attacks have been attributed to hostile governments rather than private actors, and several insurers have cited those attributions to avoid paying on policies that don’t cover “acts of war.” The GAO recommends that the Cybersecurity and Infrastructure Security Agency (CISA) work with the Director of the Federal Insurance Office to “produce a joint assessment for Congress on the extent to which the risks to the nation’s critical infrastructure from catastrophic cyberattacks, and the potential financial exposures resulting from these risks, warrant a federal insurance response.”
Get our free daily newsletter
Subscribe for the latest news and business legal developments.
Read this next
President Biden’s Executive Order on the Safe, Secure, and Trustworthy Development and […]
The Cybersecurity and Infrastructure Security Agency and the FBI have issued a […]