Addressing the Private Sector Cybersecurity Predicament: The Indispensable Role of Insurance

The working paper addresses the topic of insurance, and the role it can play in mitigating and decreasing the losses and risks involved with human activities in every domain, but in particularly in cyberspace. The paper argues that to be effective, the insurance industry must target 6 “cyber risk mitigation function”: 1) engineering risks, 2) channeling corporate risks, 3) managing systemic risks, 4) harnessing collective security insights, 5) shaping broader risk trends, and 6) harmonizing risk related standards and practices internationally. The paper does well to state the different sectors involved in this new insurance realm, and state the risks involved within each one of them. For example, within the cyber risk environment, the authors noted that it was difficult for governments and corporations to respond to cyber threats and crimes due to commercial incentives and technical limitations (among many others). The Government also deals with limitations such as bandwidth, varying priorities and international collaboration restrictions. Ultimately the paper argues that the role of insurance should be to understand and manage risk, and the way to achieve this should be done through complimentary efforts of the government, insurance agencies and corporations.