Cyber insurance readiness
Your cyber insurer now wants proof. Fail the questionnaire and your claim can be denied.
Insurers have tightened up. Before they'll write or renew a cyber policy, most now require MFA, tested backups and the Essential Eight basics — and if you tick "yes" without really having them, a denied claim is a nasty surprise at the worst possible moment. I'll check where you actually stand, in plain English, and get the gaps closed.
What insurers are demanding
The three that trip businesses up.
Multi-factor authentication (MFA)
On email, remote access and admin accounts — the #1 thing insurers check, and the #1 thing that stops a breach.
Backups you can actually restore
Regular, tested, off-site backups. Insurers ask; ransomware tests it for real.
The Essential Eight basics
Patching, admin restrictions, macro settings, application control — the ACSC baseline underwriters increasingly expect.
The Readiness Check
Answer these honestly. If any is "no", we should talk.
I'll run the check, give you a one-page report mapped to what insurers ask, fix the gaps, and leave you with the documented evidence to put on the renewal form with a straight face.
- Do you enforce MFA on all email and remote access?
- Are your backups automated, off-site, and test-restored?
- Are operating systems and applications patched within the insurer's window?
- Are local admin rights restricted to who actually needs them?
- Do you have documented evidence for all of the above?
Renewal coming up?
Don't sign a cyber policy you can't actually back up. Book a readiness check and go into renewal with the evidence.