Treasury Plans Meeting to Discuss Cyberinsurance, NIST ‘Framework’

Stay current on changes and developments in corporate law with a wide variety of resources and tools.

By Alexei Alexis

Oct. 21 — The Treasury Department announced plans for a public meeting that will include an examination of developments in the cyberinsurance market and a cybersecurity “framework” developed by the Obama administration.

The meeting is scheduled to be convened Nov. 6 by the department's Federal Advisory Committee on Insurance, according to an Oct. 21 Federal Register notice.

The cybersecurity framework was finalized earlier this year by the National Institute of Standards and Technology (NIST), a division of the Commerce Department, under an executive order signed last year by President Barack Obama. The Treasury Department and other agencies have been exploring the idea of tying the framework to incentives such as cyberinsurance and grants.

The department's latest announcement was praised by the Internet Security Alliance (ISA), a Washington trade group representing stakeholders such as Boeing Co., General Electric Co., Lockheed Martin Corp., Verizon Communications Inc. and Wells Fargo & Co.

“Insurance companies are far better suited for quickly adapting their underwriting standards and practices to evolving cyber threats than regulatory agencies,” ISA President Larry Clinton said in a statement. “In addition, insurance companies can reward good cyber behavior by only agreeing to underwrite companies practicing appropriate levels of security and offering discounts, as they do for health and car insurance, for those who do a superior job.”

Clinton said the Treasury effort is so far the most aggressive step toward creating market incentives for cybersecurity since the president's executive order was issued.

To contact the reporter on this story: Alexei Alexis in Washington at

To contact the editor responsible for this story: Heather Rothman at

The Federal Register notice is available at

Request Corporate on Bloomberg Law