The Why and How of Cyber Insurance

Gathering the Information Needed by Both Insurers and Insured

What’s Inside

In a world where data breaches are a question of when, not if, getting cyber insurance seems mandatory. At the same time — and for the same reasons — insurers are raising the bar to get this insurance and adding more coverage exclusions.

What critical information do insurers and customers need to determine what coverage is needed and whether the cost is worth it? While the specific questions may vary, there are a core set of IT and security related practices that carriers and underwriters consistently ask in policy applications. Understanding your organization’s current practices will help you understand your cyber risks, and perhaps even reduce them.

Why it Matters

Just like any other insurance, as the risk of loss increases, costs and exclusions increase. Some policyholders have reported year-over-year increases as high as 100%. At the same time, coverage amounts are decreasing and insurers are writing-in more exclusions related to certain threat scenarios such as business email compromise (BEC) or state-sponsored cyber-attacks.

As part of a policy’s annual renewal, your coverage may be reduced to meet a targeted deductible or premium…which seems like a good way to save money until you need to make a claim.

Unfortunately, because of these changes, more policyholders are struggling to understand what threat scenarios are covered. They may not understand until after filing a claim, for example, that coverage limits or exclusions were updated when a policy was renewed.

It’s important to do your homework before contacting insurers for quotes. Spending some time up front to gather accurate information about your current practices, and plug obvious holes, will pay off in lower premiums, not to mention reduced risks.

Weaver’s downloadable cyber-insurance questionnaire can help you gather information on these core practices — and maybe even self-address some important gaps — before requesting an insurance quote.