// Free Checklist · Ohio Businesses · Instant Access

Cyber Insurance
Readiness
Checklist

23 questions your carrier will ask at renewal — and what they mean for your coverage. Most businesses nationwide discover 6–10 gaps they didn't know they had. Find yours before your broker does.

✓ Used by 1,400+ businesses nationwide ✓ Based on real carrier questionnaires ✓ No signup required to use
⚠ Why This Matters Right Now

Cyber insurance carriers denied 38% more claims in 2024 than 2023 — most commonly for missing MFA, absent EDR, and untested backups. These are controllable gaps. The checklist below shows you exactly where you stand.

Your Readiness Score 0 / 23
Check each item your business has in place to calculate your score.
Section 1 — Identity & Access Control
Multi-Factor Authentication (MFA) on all email accountsCRITICALEvery user's email requires MFA. Carriers treat email MFA as table stakes — missing it can void your policy at claim time.
MFA on all remote access (VPN, RDP, remote desktop)CRITICALRemote access without MFA is the #1 ransomware entry point. Most carriers now require this as a coverage condition.
MFA on all cloud services (Microsoft 365, Google Workspace, etc.)CRITICALCloud account takeover via password spray is among the most common BEC vectors.
Privileged Access Management — admin accounts separated from daily useHIGHAdmin accounts should not be used for email or browsing. Carriers increasingly ask about this during underwriting.
Offboarding process — access revoked within 24 hours of employee departureHIGHUnrevoked access from former employees is a documented breach vector that carriers investigate in claims.
Section 2 — Endpoint & Network Security
Endpoint Detection & Response (EDR) on all company devicesCRITICALBasic antivirus is no longer acceptable to most carriers. EDR with behavioral detection is now a standard underwriting requirement.
All endpoints running current, supported operating systemsHIGHEnd-of-life OS (Windows 7, Server 2008, etc.) creates an automatic coverage gap at many carriers.
Automated patch management — critical patches applied within 14 daysHIGHUnpatched systems are the most common technical gap carriers find in denied claims.
DNS filtering / web security blocking malicious domainsREQUIREDDNS filtering prevents command-and-control communication from ransomware even after initial infection.
Email security with anti-phishing and attachment scanningREQUIREDEmail is the #1 ransomware delivery vector. Carriers specifically ask whether advanced email security is in place.
Section 3 — Backup & Business Continuity
Backups tested and verified within the last 90 daysCRITICALUntested backups are considered functionally absent by carriers. Document your most recent restore test.
Backups stored offline or air-gapped (isolated from production network)CRITICALRansomware specifically targets and destroys network-connected backups. Offline/immutable backups are now a standard carrier requirement.
Documented Recovery Time Objective (RTO) and Recovery Point Objective (RPO)HIGHDo you know how long recovery takes and how much data you could lose? Carriers ask this to assess your real-world recovery capability.
Business continuity plan — employees can continue working during an outageHIGHA documented BCP demonstrates organizational resilience and is increasingly required for higher coverage limits.
Section 4 — Policies, Training & Governance
Written Information Security Policy (WISP) — current and signedREQUIREDA WISP is explicitly required by GLBA Safeguards Rule and referenced by most carriers in application questionnaires.
Annual security awareness training for all employeesREQUIREDTraining documentation is reviewed in claim investigations. Annual training with completion records is the minimum standard.
Phishing simulation testing — employees tested at least quarterlyHIGHCarriers increasingly ask whether employees are tested, not just trained. Simulated phishing demonstrates a proactive program.
Written Incident Response Plan (IRP) — current and testedREQUIREDAn IRP directly affects claim payout speed and size. Without one, breach costs typically run 3–4x higher.
Vendor / third-party risk management process documentedHIGHThird-party breaches are now among the most common claim triggers. Carriers want to see documented vendor oversight.
Section 5 — Monitoring & Detection
24/7 security monitoring — someone is watching your environment around the clockHIGHCarriers favor insureds with continuous monitoring. The average dwell time for ransomware before detection is 21 days — 24/7 SOC collapses this dramatically.
Formal annual security assessment by a qualified third partyREQUIREDSelf-assessments are not sufficient. An independent assessment demonstrates due diligence and is increasingly required for coverage above $1M.
Documented process for detecting and reporting a breach within required timeframesREQUIREDHIPAA (60 days), GLBA (30 days), and state breach notification laws require documented detection and reporting processes.
What To Do With Your Results

Items you couldn't check represent real gaps that could result in a denied claim, premium increase, or reduced coverage limits at renewal. Securafy can address most of them in 30–90 days. Start with a free 30-minute strategy call — no obligation, just a clear plan.

Book My Free Strategy Call →
📄 Get the PDF Version

Send Me The
Printable Pdf

Get the printer-friendly PDF version plus a bonus section: 10 questions to ask your current IT provider about your cyber insurance posture.

No spam. You'll also receive the Securafy Times — monthly cybersecurity tips for business executives. Unsubscribe anytime.
🎙️ Related Webinar
Cyber Insurance Coverage Gaps

Randy Hall of Securafy and Holly Roe of Navigate Risk Advisors discuss exactly what carriers are looking for — and what gets claims denied.

Watch the Webinar →
Other Free Resources

Gaps on Your Checklist?
We Fix Those.

Most checklist gaps can be closed in 30–90 days. Securafy's SECURE-CARE and COMPLY-CARE tiers address every item on this checklist — with documentation your carrier will accept.

Book My Free Strategy Call → See COMPLY-CARE
Free Download

Get the Full Guide

Enter your name and email below — we'll send the guide directly to your inbox.

FREE · 30 MINUTES · NO SALES PITCH

See Exactly Where You're Exposed.
Before an Attacker Does.

Our free 47-point network and security assessment gives you a prioritised remediation report in plain language — no obligation, no upsell.

Book a Free Strategy Call → 📞 (330) 906-8888

★ Soteria Award — Most Trusted MSP in North America 2024  ·  30-Day Risk-Free Trial  ·  10-Minute Response Guarantee