Is your firm cyber-insurance ready?
Renewal questionnaires got strict — and the answers get re-checked after a claim. Run this 2-minute check to see how your controls measure up to what underwriters now expect, and exactly which gaps to close before you sign the application.
Is multi-factor authentication (MFA) on every admin account — plus email and remote access?
Underwriters now break MFA into separate yes/no lines and want a “yes” on every one — admin accounts most of all. Missing or partial MFA is the #1 reason applications get declined.
Is monitored EDR/MDR on every device — including your servers (not just the built-in antivirus)?
Servers are where ransomware does its damage. Carriers now want EDR/MDR with 24/7 monitoring on every endpoint and server — plain antivirus no longer counts.
Are your backups immutable or isolated from the network — and have you tested a real restore (and know the date)?
Two things in one: backups ransomware can’t reach, and proof you’ve actually restored from them. “When did you last test a restore?” is where most offices fail the application.
Do you have a written incident-response plan you’ve actually tested (a tabletop in the last year)?
Carriers want a rehearsed plan, not a binder on a shelf — exercised at least annually and mapped to your breach-notification obligations.
Is there advanced email filtering / anti-phishing in front of every inbox?
Business email compromise and wire fraud are the most common cyber claims. Carriers ask about advanced email filtering and whether DMARC/SPF/DKIM are configured.
Do your staff get security-awareness training and phishing tests?
Your people are the most-attacked surface, and carriers score how often you train and test them.
Your cyber-insurance readiness
🚩 The controls carriers now expect before they’ll write or renew — you’re missing these:
👥 Move the cyber-insurance question around your office. Drop this in your team chat or send it to whoever signs the renewal: simonsayssystems.com/tools/cyber-insurance-readiness-check/
This self-check reflects your own answers and is general information, not insurance advice. Simon Says Systems is not an insurance broker — see what 2026 underwriters require & how we document it.
Going into renewal? Let’s make sure you can answer yes.
Book a free cyber-insurance readiness check. We’ll see how your setup measures up to what carriers expect for 2026, close the gaps, and give you the documentation they ask for — no obligation, and we never ask for patient or client information.