Cash and Controls: Qualifying for Cyber Insurance in 2022

As cyber insurance premiums continue to climb, insurance providers are getting increasingly selective about who and what they’ll cover.

Cyber criminals are only getting better, a fact reflected in their increasingly sophisticated attacks. And with the heightened frequency, scale and impact of these attacks come higher cybersecurity insurance premiums for many businesses. Many organizations are finding that the cost of cyber insurance has increased dramatically in the past few years.

But premiums aren’t the only costs that are rising. The price of admission to even be considered for coverage is going up as well. If a business wants to qualify for cyber insurance, there are several security controls they need to have in place before an insurance company will consider underwriting the policy:

  • Multi-factor authentication: When it comes to any remote access or accounts with administrative privileges, it is critical that businesses require users to identify themselves with something more than just a username and password. The second form of identification needs to be something you are or something you possess.
  • Endpoint Detection and Response (EDR): Businesses need to make sure that their employees’ devices are protected by second-generation anti-virus and anti-malware software. The solutions that only look for a virus’ “fingerprint” are no longer considered acceptable.
  • Secured, Encrypted and Tested Backups: To protect their data, businesses need to ensure that their backups are both encrypted and stored in a secure location. Many underwriters define “secure” to mean that the backups are either offline or immutable.
  • Privileged Access Management: Businesses should make sure that access to highly privileged accounts (including system accounts) is protected and managed using an encrypted password vault.
  • E-mail Filtering and Web Security: The easiest way for a cybercriminal to access an organization's system is to take advantage of human curiosity. Automatically interrogating emails for suspicious content (attachments and links) before the designated recipient has a chance to open them can help reduce the risk of falling for a phishing attack.  

These are the five controls that are most important to insurance companies right now. In the coming years, however, organizations can expect these additional controls to come into play:

  • Patch Management and Vulnerability Management: Businesses should make sure they are continuously patching their applications, databases and operating systems in a timely manner.
  • Incident Response Plan: It is critical that organizations have a formalized plan for how to respond if something goes wrong. It is equally important that this plan is periodically tested and modified as needed.
  • Required Cybersecurity Awareness Training: While technology can help reduce the risk of cyber-attacks, your employees are still the easiest path to compromise. Mandatory security awareness training, with a focus on phishing, for all employees is a critical component of improving your overall cyber security profile.
  • Network Device Hardening Standards: Organizations should have configuration standards defined to improve the security of network devices by eliminating non-essential services and minimizing vulnerabilities.
  • Logging and Active Monitoring of Network Devices: This is not as simple as monitoring the network traffic that enters and leaves the system. Organizations must also be cognizant of the traffic that flows between their internal network devices. Logs should be aggregated, and analytics should be used to identify suspicious activities and alert management to them.
  • Management of End-Of-Life Systems: When an organization’s technology is no longer receiving updates or support services from vendors, the end-of-life systems must either be replaced or isolated from the rest of the network through segmentation.
  • Robust Third-Party Risk Program: Companies must have protocols in place to assess the controls of vendors that have access to their systems or data.

Going forward, businesses can expect cyber insurance to remain pricey and the desired coverages to become more difficult to obtain. Given the cost and frequency of today’s cyber-attacks, more companies are looking to outsource some of the risks as part of their mitigation strategy. Continuously monitoring and investing in their cybersecurity postures can help organizations improve their chances of obtaining the cyber coverages they desire.

About Schneider Downs Cybersecurity

The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. For more information, visit or contact the team at [email protected].

In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.



Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2023 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.
