Be ready to detail how you handled well-known vulnerabilities in 2021. “Every application nowadays includes questions like: Have you had any exposure to SolarWinds, Microsoft Exchange Marauder vulnerability, or the Windows Print Spooler vulnerability? They go through basically a list of the top events that we heard about this year and ask clients if they’ve had exposure to it? If yes, they want all of the detail as to how they mitigated it, how they checked if there were any indicators of compromise in their environment, etc:” suggests Oren Wortman of Beecher Carlson, part of Brown & Brown.
Source: Preparing for cyber insurance 2022 renewals | Insurance Business America