#HowTo: Evaluate Your Cyber Insurance

Written by

Businesses depend on access to their data and critical software – but with ransomware attacks at an all-time high, these resources are increasingly under threat. As threat actors continue to take aim at foundational aspects of a business (e.g., web hosts and content management systems), cyber insurance is one of the most critical investments an organization can make.

However, it’s clear that traditional insurance is not equipped to cover the loss or corruption of data. It’s not enough for cyber insurers to passively use a paper policy that sits on the shelf, year after year. Instead, organizations should look for an insurer that not only keeps their business safe and operational during and after a cyber incident, but also proactively helps them manage cyber risk. Here’s how to do it.

Look for Providers Who Help Manage Your Risk

One of the biggest misconceptions about stopping cyber threats is that it’s just a technology challenge. As a result, the widely-accepted approach has been throwing more technology at the problem – from access controls, firewalls, sandboxing to EDR (Endpoint Detection And Response) tools. While these tools play an important role in cyber prevention and mitigation, ransomware is a risk management problem at its core. 

There is no industry better positioned or more incentivized to help customers manage and mitigate their cyber risk than the insurance industry. A good cyber insurance provider goes beyond paying claims and actively helps policyholders identify, manage and reduce white-hot areas of cyber risk.

Just like property insurance underwriters provide engineering evaluations of policyholders’ buildings, cyber insurers should set clear standards for a minimum viable level of security, along with the support to help businesses reach those standards, by:

  • Evaluating a prospective policyholder’s cyber hygiene free of charge, then identifying any required patches or policy and technology changes needed to reduce risk.
  • Sharing materials to educate a policyholder’s employees about phishing, ransomware and other security threats where widespread compliance and cooperation is essential.
  • Investing in proactive monitoring and control technologies for policyholders to identify security threats and vulnerabilities in real time.

By investing in proactive monitoring technologies and cyber education, cyber insurers help customers monitor their risk exposure and improve the resiliency of their security technologies. Strong cyber insurance partners also continuously monitor threat actor activity and guide policyholders on the latest threat intelligence, such as identifying exposure points along a company’s supply chain and providing instructions for timely remediation. Providing this guidance plays a critical role in helping policyholders improve their cybersecurity posture and preventing claims in the long run. 

Prioritize Third-Party Protection

A major exposure point for companies, especially small and mid-sized businesses, is the risk that third-party technologies, like MSPs, public cloud providers and other SaaS applications introduce. Recent ransomware attacks have exploited these platforms to spread through organizations and commit maximum damage. A good cyber insurance partner helps customers understand the full scope of their risk across their business and close critical security gaps that could expose sensitive data to third parties (and vice versa).  

To address third-party risk, businesses can either mitigate it, transfer it to another entity or accept it. If a policy doesn’t cover third-party platforms and applications, the business is self-insuring for that peril, whether they know it or not. A responsible cyber insurance provider will monitor these potential threats and continuously observe whether the whole ecosystem is resilient against potential attacks.

Ask cyber insurers to walk through what level of coverage and threat mitigation they can provide for an entire IT ecosystem; this is key to preventing future claims. 

Commit to Comprehensive Coverage

Many insurers are restricting their coverage for cyber incidents by introducing widespread coinsurance provisions – requiring policyholders to pay a fixed percentage – and other terms that increase expenses. Comprehensive coverage is essential, but with many insurers adding loopholes to reduce coverage, it doesn’t mean what it used to. 

To provide comprehensive coverage, cyber insurance needs to return to reasonable rates and high-quality, proactive protection and claims mitigation services for business interruption from all cyber events. This includes ransomware, other forms of cyber extortion and data breaches. The right provider will also account for the increasing occurrence of state-sponsored attacks on businesses – rather than leaving them in the lurch.

At a minimum, confirm that a cyber-insurer’s rates are sustainable and that the terms for coverage provide enduring support for risk management and future claims. 


Identifying the best cyber insurance on the market requires confirming that a provider’s digital and risk mitigation capabilities can actively prevent threats and provide support in case of a cyber-attack. A static, passive management policy won’t be effective in raising a businesses’ cyber resilience or preventing claims long term. By investigating the scope and technical strength of a cyber-insurer, businesses can identify truly comprehensive coverage for risk prevention.

What’s hot on Infosecurity Magazine?