Presentation for RSA includes market intel and useful tips for navigating the cyber insurance market, from methods for estimating required coverage to “gotchas” lurking in policy fine print.
Examples from the report:
The top reasons insurers don’t pay
1. “It’s related to the same breach as last year”
2. “We only pay up to _____” (sublimit)
3. “We only pay for costs AFTER you notify us”
4. “We gave you negotiators/forensics/media advice you didn’t use”
5. “Your depiction of your security posture was inaccurate”
The 7 Biggest Pitfalls [in Obtaining Cyber Insurance] – quick list
1. Not getting enough coverage
2. Not being explicit with coverage (no silent cyber)
3. Not socializing estimations (get the history first)
4. Committing without knowing the required posture reporting
5. Sharing too much with the insurance company
6. Auto-renewing without a price check & re-assessment
7. Not ensuring that all critical threats are covered