Skip to main content
S 245 119th Congress Senate Science, Technology, Communications Advisory bodies Computer security and identity theft Computers and information technology Congressional oversight Consumer affairs Government information and archives Government studies and investigations Insurance industry and regulation Public-private cooperation

Insure Cybersecurity Act of 2025

Introduced: January 24, 2025 Introduced by: Hickenlooper, John W. Democratic · Colorado See on congress.gov
Sign in to write a letter Sign in to watch
 Everywhere this bill has been 5 steps
Introduced
In committee
Reported out
Passed House
Passed Senate
To President
Became law
Jun 9, 2025
Placed on Senate Legislative Calendar under General Orders. Calendar No. 90.
Jun 9, 2025
Committee on Commerce, Science, and Transportation. Reported by Senator Cruz without amendment. With written report No. 119-28.
Feb 5, 2025
Committee on Commerce, Science, and Transportation. Ordered to be reported without amendment favorably.
Jan 24, 2025
Read twice and referred to the Committee on Commerce, Science, and Transportation.
Jan 24, 2025
Introduced in Senate
 Plain-English summary Congressional Research Service

Insure Cybersecurity Act of 2025

This bill requires the National Telecommunications and Information Administration (NTIA) to establish a working group on cyber insurance policies. Under the bill, these are defined as policies that offer coverage for losses, damages, and costs incurred due to cyberattacks and related incidents.

The working group is directed to analyze and address issues in the cyber insurance market facing both insurers and their customers. Specifically, the working group must develop information for customers on how to effectively evaluate policy options, and for insurers on how to clearly communicate with customers regarding policy provisions.

Additionally, the working group is directed to analyze and explain in layman’s terms

  • terminology commonly used in cyber insurance policies, including terminology used to include or exclude coverage for losses from cyber incidents;
  • how common policy provisions correspond to cyber incidents and potential responses, including ransomware and potential ransom payments; and
  • constraints faced by insurers in covering higher losses in cyber risk areas, such as reputational damage and loss of intellectual property.

At the conclusion of the working group's term, NTIA must publish and disseminate informative resources for cyber insurance stakeholders, including any recommendations formulated by the working group.  

What's happening now June 9, 2025

Placed on Senate Legislative Calendar under General Orders. Calendar No. 90.

 Committees of jurisdiction 1
 Cosponsors 1
All 1 Republican 1