From The Hill:

First, it aligns the incentives of both contractors and insurers to mitigate risks. For their part, insurers want to underwrite prudent risks to avoid having to pay out large amounts in the event of a data breach. Clients want to prove to insurers that their security posture makes them worthy of coverage at low premiums. Firms that effectively manage their cyber risk get those lower premiums.