Cybersecurity Glossary

What is Cyber Insurance?

Cyber insurance is a policy that covers financial losses from cybersecurity incidents — ransomware payments, data breach response, business interruption, regulatory fines, and third-party liability. Increasingly, insurers require specific security controls (MFA, EDR, backups) before issuing or renewing coverage.

How It Works

How Cyber Insurance works

Three-step view of how it operates in practice.

1. Assess exposure. Understand your risk: data volumes, revenue dependency, regulatory obligations, customer contracts requiring coverage.

2. Demonstrate controls. Complete the insurer’s questionnaire honestly. MFA, EDR, backups, IR plan, and training are baseline.

3. Renew annually. Controls must be maintained. Premiums reflect your security posture at renewal.

Cyber Insurance Variants

Coverage categories

A clear breakdown of the common variants.

Coverage:

  • First-party (most common). Your own losses: ransomware, business interruption, data restoration, notification costs.
  • Third-party. Liability to others arising from the incident (the third-party liability named in the definition above).
  • Social engineering.
  • Reputational harm.

Why It Matters

Why Cyber Insurance matters for SMBs

83% of cyber insurance applications now require MFA, EDR, and tested backups as baseline controls.
Source: Marsh Global Cyber Insurance Report, 2024
Pitfalls

Common Cyber Insurance mistakes

  • Misrepresenting controls on the application: insurers actively audit at claim time. Controls you said you had but did not have mean claim denial.
  • Inadequate limits.
  • No IR retainer integration: most policies require using the carrier’s preferred IR vendors. Knowing this before an incident saves critical hours.
  • Skipping renewals: year over year, insurers ask for more. If controls have not kept pace, renewal may be denied or sub-limited.
Common Questions

Cyber Insurance frequently asked questions

What does cyber insurance cost?
For SMBs, $1K-$10K annually per $1M of coverage. Heavily dependent on industry, revenue, and control maturity.

What controls do insurers expect?
Baseline: MFA (especially on email and remote access), EDR on all endpoints, tested immutable backups, IR plan, security awareness training, patching discipline.

Does it cover ransomware payments?
Usually yes, but with sub-limits and documentation requirements. OFAC sanctions complicate payments to certain threat actor groups.

What is typically excluded?
Pre-existing conditions (incidents already in progress), nation-state attacks (varies), infrastructure outages (not caused by cyber), intentional acts, and fines considered uninsurable by jurisdiction.
Identity & Access

Cyber insurance application coming up?

Talk to a LogicalNet identity expert. We will review your current environment, recommend the right MFA methods for each group of users, and help you deploy without disrupting the business.

No commitment · Local engineers · Response within 1 business day