What Your Cyber Insurance Application Promised — and Whether Your Environment Agrees

Somewhere in your files is a cyber insurance application, signed by an officer of your firm, making specific factual representations about your controls: MFA on email and remote access, EDR deployed, backups tested, payment instructions verified out-of-band, training conducted. The premium was priced on those answers. The claim, when it comes, will be adjusted against them — and the gap between what the application says and what your environment does is, functionally, an unfunded retention you don’t know you’re carrying.
