The challenges created by the current cyber threat landscape continue to plague insurers, policyholders and prospective purchasers of cyber insurance. To qualify for cyber insurance, insurers require organizations to have certain basic controls and be prepared to respond and bounce back quickly in the event of a cyberattack.
This guide explains the major control categories that must be implemented to qualify for cyber insurance. These control categories are not an exhaustive list of all insurer requirements. Multiple factors are considered by each individual insurer when evaluating an organization. However, the consistent message from cyber insurers has been that the controls discussed in this guide are the ones they find most important at this time.