Achieving Success in Your Cyber Insurance Renewal
Something new is happening in the world of cyber insurance – have you heard about the way that policies are being written now? Can you anticipate how your application may change? Hopefully you have, but if your renewal period hasn’t rolled around yet, you might be out of the loop.
Underwriters are no longer assessing the way they used to, and insurance companies are no longer writing policies the way they used to. Your organization must understand its risk profile, implement enhanced controls, and be able to demonstrate how you prevent ransomware attacks. If not, you will struggle to complete the in-depth assessments waiting for you in your renewal period. Here are five ways to prepare for your next cyber insurance application.
1 – Develop an Application Renewal Plan
The first step in any formalize cybersecurity program is a plan, and it’s no different for cyber insurance applications. You must identify your renewal date and build a timeline around that. Find last year’s application and reference it so that you understand what you submitted previously. Now that carriers are raising rates, lowering coverage, and requiring new controls, you need all the information available to you.
As part of your renewal plan, request early application review. Get a copy of the new application and start asking questions about what has changed with your cyber insurance provider. What is required? What can you expect from similar clients? Is the risk profile based off last year’s approval?
2 – Assess Your Security Maturity
Through self-assessments, you can score your security maturity. This will give your team an idea of where to start when it comes to cybersecurity gaps and what underwriters expect. Assess yourself against the latest cyber insurance application criteria like internal and external controls, email security, disaster recovery processes, and more. Survey your vendors to learn if they meet your security requirements.
You can start preparing for your renewal with our self-led security risk assessment.
3 – Map Controls to People, Vendors, and Resources
It’s critical that you have a specific person or team responsible for all application criteria. A critical ways to prepare for cyber insurance renewal is to identify who is responsible for:
- Internal controls
- External controls
- Microsoft 365 controls
- Preventative controls
- Security governance review
- HIPAA review
- Asset review
- Patching baseline
- Zero trust baseline
- Disaster recovery processes
4 – Address Problem Areas in a Technology Roadmap
A technology roadmap a strategic document outlining the technological direction of your business. It gets everyone on the same page. It changes your IT department from being in reactive, fire-fighting mode to predictable, proactive action. Meetings will transition from deciding what to do to knocking out tasks and roadblocks. It guides your IT department by providing the master list of IT projects that need to be completed. A technology roadmap will be part of your evidence that underwriters can review to determine your commitment to cybersecurity.
5 – Remediate Priority Needs Before Renewal
Once you’ve prioritized your technology issues into low, medium, high, and critical items, it’s time for remediation. Details and transparency matter and can make or break the outcome of your renewal. Be sure to clearly articulate the investments and improvements you are making in cyber risk mitigation.
Even if you cannot remediate prior to renewal, you can at least show underwriters that you have taken some type of action, or, at the minimum, have outlined a plan to address and remediate these vulnerabilities. Even if your remediation plan needs to be rolled out in phases over several months, underwriters will want to know it is underway.
With the right guidance and planning, you can renew an existing policy with minimal changes in coverage or fees – but it’s critical that you understand the changes in the cyber insurance industry and how to fill out a detailed application. For support during your next cyber insurance renewal, let Dedicated IT help.