CybersecurityWhite House considering incentives for cybersecurity compliance

The Obama administration is considering whether to back tax breaks, insurance perks, and other legal benefits for companies which bolster their digital defenses.  

DHS, which first brought up the idea in May, declined to comment, and an Obama administration official said the idea was a “snapshot in time,” and only “reflects some preliminary analysis.”

Politicoreports that the incentives, which include limited protections from legal liability and tax incentives, would be set up to persuade  power plants, water systems, chemical plants, and other critical infrastructure companies to comply with the voluntary cybersecurity rules which are being drafted as part of President Obama’s cybersecurity executive order.

The order largely depends on industry cooperation, so DHS and the Treasury Department are trying to explore ways to get infrastructure companies to invest in improving their cyber defenses.

Last week a top DHS cybersecurity official told lawmakers that nothing has been determined yet.

“We’re still having conversations,” Robert Kolasky, director of the agency’s Implementation Task Force, said.

Federal officials appear receptive to the idea. Kolasky said the administration believes “the best incentives are market-based incentives.” He added that the agency is “very much in favor of the cybersecurity insurance market.”
One of the incentives is cybersecurity insurance, with companies complying with the government’s cybersecurity rules could receive a break on their insurance.

A 12-page DHS document does not discuss exactly how it will capitalize then leverage the failing cyber insurance market, but the analysis does indicate that any changes dealing with insurance would be part of the “new legislation.”

For now the White House has kept quiet on possible incentives, but DHS said in May that it would provide an updated analysis later this year.