Risky Business: Lessons for Mitigating Cyber Attacks from the International Insurance Law on Piracy

Organizations of all sizes have increasingly been investigating the prospect of investing in cyber risk insurance to better manage the multifaceted cyber threat. But how useful is cyber risk insurance? Is international insurance law impacting the cyber risk insurance market? And what lessons can be taken from other analogies such as the maritime piracy context? This Article discusses the impact of cyber attacks on the private sector along with analyzing the benefits and drawbacks of relying on cyber risk insurance to enhance cybersecurity by drawing from the maritime insurance industry’s response to piracy. We argue that firms must take a proactive stance to managing cyber attacks for their competitive wellbeing as well as to help secure critical international infrastructure, but that stakeholders should learn from past experiences and begin by defining “cyber attacks” and international cybersecurity due diligence norms.