Is it Time to Require Cyber Assessments for Insurability?

Health screening to identify pre-existing conditions is a key aspect of obtaining life insurance. The screening may reveal pre-existing conditions that result in the life insurer declining to underwrite the insurance policy.  In the cyber insurance space, policies are often underwritten with no analogous screening. Insurers might issue a generic questionnaire to obtain data, but few insurers evaluate companies for true cyber security risk. Following record policy payouts for ransomware and social engineering attacks, insurers are now: 1) increasing premiums; 2) declining to underwrite for repeat claimants; 3) reducing sublimits on cyber security incidents; 4) carving out additional exclusions 5) conducting cyber risk assessments.  Increasing cyber preparedness is not just for practical reasons anymore.  It also can increase chances of being insurable for cyber security incidents. Preparation is always less expensive than reaction. Take action now to get ahead of cyber risk.