Congress to review Federal Cyber Terrorism Risk Insurance Program

599

A team of experts from the cyber arm of Congress is busy studying the costs involved when the critical infrastructure is targeted by cyber attacks. The objective is to reassess the coverage provided by the Federal Cyber Terrorism Risk Insurance Program( TRIP) in the event of cyber-terrorist activities on the IT infrastructure hosted by public and private properties

In general, TRIP also known as TRIA shares some losses with the private insurance operators when a company covered under the cyber insurance coverage is targeted by certified acts of cyber terrorism.

TRIP aka TRIA has expired on December 30th,2020 and so the General Accountability Office (GAO) has written a letter to congress early this year to analyze the costs incurred when infrastructure is hit by cyber terrorism-related activities.

However, not all cases will be reimbursed under the act of TRIP as the incidents need to meet certain specific certification-related clauses for reimbursement.

Therefore, Congress has set up an experts committee in Feb this year to analyze the costs involved in the attacks taking place on US Critical Infrastructures such as the Solar Winds Hack and the Microsoft Exchange Server hack. At the same, the committee will also be responsible to evaluate the present insurance coverage policies offered to victims and how well they are helping the victims to recover losses.

In a few days, all the information will be consolidated and presented before a committee that will then look into the matter of restructuring the response related to cyber-attacks and cyber-terrorism.

All these days the treasury was assigned the task of certifying the cyber attacks as cyber terrorism only if the acts met criteria such as they were extremely violent or dangerous to human-like, property, and infrastructure leading to heavy losses in the United States.

Congress has now been assigned the task of revising the certification criteria on different parameters such as the losses incurred to computing devices operating outside the United States and like.

Meanwhile, GAO has been authorized to investigate other challenges arising due to the lack of historical data on losses and certain stipulations that fail to exactly define certain incidents that are eligible to be covered by an insurance policy.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security