With a 100 percent annual increase in cyber incidents over the past three years, insurance carriers are increasingly writing cyber policies that require policyholders to comply with specific “cyber hygiene” standards, said Pillsbury Insurance Recovery & Advisory partner Tamara Bruno.
Bruno told Law360 that in order for policyholders to obtain lower premiums or simply favorable terms, they increasingly must provide their insurance carriers with evidence that they maintain good cyber hygiene to lower their risk of being compromised.
“You want to make yourself an attractive story, especially if you have a history of [cyberattack] incidents,” she said. “But you really have to make sure your answers are very technically accurate.”
Bruno warned that, “[policyholders should be] very wary of underwriting questions that are all-or-nothing.”
Bruno concluded that policyholders should be active in the underwriting process and try to push back on any “ambiguity,” either in an application or in a policy's terms that could lead to later disagreement.