Cyber insurance used to be simple: You filled out a short form, paid the premium, and you were covered. But that's no longer how it works.

Insurers have taken heavy hits from ransomware, data breaches, and business email compromises.

Now, they expect proof that you're taking security seriously before they agree to cover you. If you can't show certain protection, you may get refused or pay a much higher premium.

The good news is that once these protections are in place, you're safer with or without insurance. As an MSP, this is exactly what we help clients sort out. Here's what insurers usually want to see.

Cyber Insurance Isn't a Shortcut Around Security

Many business owners assume cyber insurance will bail them out if something goes wrong, but insurers see it differently. They look at your business the same way a fire insurer looks at a building with faulty wiring.

That's why they send long questionnaires asking about passwords, backups, access controls, staff training, and software updates. Your answers directly affect whether they'll cover you and how much they'll charge.

It makes sense to build such protection properly rather than guessing your way through the forms.

Security Awareness and Staff Training

Phishing is still the number-one entry point for cyber incidents, and insurers know it. They often ask if you:

1. Train staff regularly.
2. Use a second approval step for payments.
3. Verify changes to bank details through a known phone number.

They want evidence that you aren't relying on instinct or "common sense."

In practice, this means short training sessions, phishing simulations, and simple rules such as confirming invoice changes with a phone call. We can automate this training and build approval checks into your workflow so it becomes part of everyday practice.

Multi-Factor Authentication Is Now Expected

If there's one control insurers insist on, it's multi-factor authentication. Once a password is stolen, MFA often prevents attackers from accessing your email, cloud storage, accounting systems, and remote access tools.

Insurers expect MFA on email, admin accounts, remote access, and key cloud apps. Anything less raises premiums or causes delays.

We can roll out MFA properly, enforce it across your systems, and keep disruptions to a minimum.

Backups That Actually Work

Most insurers no longer accept a basic "Yes, we back up." They want to know:

1. How often you back up.
2. Where backups are stored.
3. Whether backups are isolated from ransomware.
4. Whether you test restores.

From their point of view, working backups turn a major incident into an inconvenience. From your point of view, they're your last safety net.

We can set up the right backup system, store copies separately, and test them regularly. You'll also have clean documentation for the insurer.

Identity and Access Management

Insurers don't want a situation where every staff member has access to everything. They look for access that matches job roles, separate admin accounts, quick removal of old accounts, and no shared passwords.

This reduces the damage if one account gets compromised.

We can map out the access your staff actually need and then lock things down without slowing anyone down.

Network Segmentation, Encryption, and Patch Management

For higher cover amounts, insurers ask more detailed questions about your technical setup. They may want to see:

1. Segmented networks.
2. Encrypted laptops and phones.
3. Regular patching of software and devices.

For example, segmentation stops infections from spreading from guest Wi-Fi to your business systems, encryption protects data if a laptop is stolen, and patching closes security holes that attackers rely on.

We already manage these protections for clients and can bring the same structure to your business.

What Happens If You Don't Have These Controls

If the right protections aren't in place, insurers might decline to cover you, raise your premiums, or restrict payouts. They're pricing risk, and if you don't reduce your risk, they increase their prices.

If you do have these controls in place, you'll usually see lower premiums, fewer questions, and better coverage.  To see how we can help your company, call us today at 903 347 0073.