WelcomeUser Guide
ToSPrivacyCanary
DonateBugsLicense

©2025 Poal.co

1.3K

This is interesting in many ways. One of the greatest risk responses is transference, and thus why 'cyber insurance' is interesting; it is a relatively undefined area. Though I am a proponent of, and advocate for, cyber insurance, it really is the devil in the details approach to risk response - what I mean is, in order for an org to be properly insured, the org must define 'data' since 'data' is intangible as well as access to said data - ref . This is also includes that of due diligence and due care on part of the c-suite and those charged with fiduciary responsibly - ref Equifax debacle a few years ago. How this will ultimately affect MSPs (Managed Service Providers), CSPs (Cloud Service Providers) and SMBs (Small-Medium Businesses) will be interesting. It will also be interesting how this plays out when it comes to breach notification and protection for multinationals.

If the org cannot - or will not - be insurable, then what recourse to consumers have to protect themselves. Realizing this puts more onus on the org housing the data, this could dramatically increase the 'cost of doing business.' This potential added cost could also steer SMBs away from transference though in some industries it is required.

This is interesting in many ways. One of the greatest risk responses is transference, and thus why 'cyber insurance' is interesting; it is a relatively undefined area. Though I am a proponent of, and advocate for, cyber insurance, it really is the devil in the details approach to risk response - what I mean is, in order for an org to be properly insured, the org must define 'data' since 'data' is intangible as well as access to said data - ref [EMOI Services LLC](https://law.justia.com/cases/ohio/supreme-court-of-ohio/2022/2021-1529.html). This is also includes that of due diligence and due care on part of the c-suite and those charged with fiduciary responsibly - ref Equifax debacle a few years ago. How this will ultimately affect MSPs (Managed Service Providers), CSPs (Cloud Service Providers) and SMBs (Small-Medium Businesses) will be interesting. It will also be interesting how this plays out when it comes to breach notification and protection for multinationals. If the org cannot - or will not - be insurable, then what recourse to consumers have to protect themselves. Realizing this puts more onus on the org housing the data, this could dramatically increase the 'cost of doing business.' This potential added cost could also steer SMBs away from transference though in some industries it is required.

(post is archived)

You are currently inside a comment thread.
Click here to see all the comments (5).
[–] 1 pt

I'm trackin'.

So what's to prevent insurance companies from saying that not adopting digital ID requirements is lack of due care?

I don't know exactly how digital ID could be proven to be mitagatory, but I could see it inevitably becoming a requirement to 'qualify' for coverage. Slippery slope.

The remaining part of your response is interesting, and I agree. How this unfolds will be interesting, for better or for worse, and it could very well redefine the landscape.

[–] 0 pt

Yes, it is a slippery slope.

They're going to pull out all the stops trying to push us into the "great reset." I can see a lot of nastiness down the road.