Skip to content
Archived content. You are viewing v1 of SME Digital Advisor — the original multi-section site (risks, scenarios, policies, OWASP, flashcards). Go to current site →

Buying decisions

Choosing cyber insurance

Cyber insurance has matured. The cover is more useful and the requirements stricter.

The application is increasingly an audit of your security. Incomplete answers can void the policy.

Do you need it?

  • What would a 5-day outage cost you?
  • What would notifying customers cost?
  • Do any of your customer contracts require cyber insurance?

What good cover usually includes

  • Incident response: technical, forensic, legal, PR.
  • Business interruption.
  • Data restoration costs.
  • Customer notification.
  • Cyber extortion (with caveats).
  • Regulatory fines (where insurable).

Common gaps to ask about

  • Social engineering / BEC fraud.
  • Ransom payments.
  • Supplier failure.
  • State-actor exclusions.
  • Retroactive date.

What insurers want before they quote

  • MFA on email and admin.
  • Tested, ideally immutable backups.
  • EDR on endpoints.
  • Staff training on phishing.
  • An incident response plan.

If you make a claim

  • Notify within the policy window — before engaging your own IR provider, or cover may be voided.
  • Use the insurer's panel response provider unless explicitly permitted otherwise.
  • Keep contemporaneous notes.