There has been a furor of activity by the federal government as it grapples with the cyber security threat. Guidance documents roll out, an executive order has been issued, and a Cybersecurity Framework has been set down. In all of this, insurance, the tool that is used in nearly all other circumstances where there is an exposure that threatens an organization’s existence, gets short shrift or no shrift at all. The article examines the government’s steps into cybersecurity and how insurance is addressed. It then offers some thoughts on what to do about it.