Data Breaches Get Politicized
One of the miracles of the American Economic System is its ability to monetize everything. In the insurance industry, monetization of risk across many participants led to global trade in the 1600's. A wonderfully on-point short history of risk may be found online here. At some level, risk management has co-evolved as new technologies unfolded. Since networked computers are now ubiquitous, so is the ever-changing risk profile.
Unfortunately, politics - especially presidential politics - and especially with populism rising ahead of 2020, data breaches have become a talking point among politicians.
We were particularly appalled, for example, to read in Slatehow "New Bill From Elizabeth Warren Proposes Potential Jail Time for CEOs Over Massive Consumer Data Breaches."
At first blush, it appears to be punishment of the victimsrather than the perpetratorsof cyber-crime.
That said, the Warren bill won't impact most middle tier companies because it define a one-billion dollar threshold.
"(1) the term ‘covered corporation’ means a 4 corporation that generates more than 5 $1,000,000,000 in revenue on an annual basis; "
Further, Warren's proposed legislation would not coverfirms that impact less than one percent of the US population...so it really is aimed - initially - at the largest users of data.
However, it's typical that when new legislation comes along expanding government powers, that the framework for punishment is set at high levels (in this case One Billion Dollar Companies) and then in future legislation sold as a "housekeeping bills" lowers the boom of Middle Tier companies.
While we would have rather seen tougher criminal penalties and more funding for law enforcement in order to root-out actual criminals, the Warren measure may be symptomatic of the public's misunderstanding of cyber-threats.
If your firm does not have a currentsecurity and cyber-risk assessment, talk to us about getting started on one for your firm right away. Click here to contact us. Remember: It's free.
Who knows? Adequate cyber-insurance might someday become your own personal "get out of jail free" card.