Insure Cybersecurity Act of 2023
This bill requires the National Telecommunications and Information Administration (NTIA) to establish a working group on cyber insurance policies. These are policies that offer coverage for losses, damages, and costs incurred due to cyberattacks and related incidents.
The members of the working group must include representatives from the Cybersecurity and Infrastructure Security Agency, the National Institute of Standards and Technology, the Department of the Treasury, and the Department of Justice. The working group must address ways to improve customers' understanding of the technical and legal terms used in cyber insurance policies. This includes developing recommendations for (1) customers to effectively evaluate the types and levels of coverage offered under a policy; and (2) insurance issuers, agents, and brokers to communicate policy provisions in a manner that is easily understood by customers. Additionally, the working group must identify market constraints and other factors that limit the use of cyber insurance to respond to the risk of cyber incidents and recommend incentives and other means to encourage such use.
The working group terminates once it submits a report of its findings and recommendations to Congress.
The bill also requires the NTIA to make resources on cyber insurance, including recommendations of the working group, publicly available on its website.