Technical controls your business may need to qualify for cyber-insurance

The Sourcepass Compliance team is often asked by our clients to review the technical requirements as outlined in their applications or renewal documentation for cyber-liability insurance policies.  While Sourcepass is not an insurance provider and does not offer consulting on coverages or policy details, through our strategic alliance with FounderShield, we have identified current trends in the key technical requirement questions or concerns underwriters may have.  As a result, we recommend your business be ready to answer the following technical readiness questions going into the application or renewal process: 

• Estimate the number of endpoints (split by desktops/laptops/mobile devices and servers) that you have on your network. 
• Confirm whether any legacy/end of life (EOL) systems are used to operate any critical systems. If so, are they segmented from the network? 
• Are your physical locations and critical systems segmented? 
• What security enhancements have been made in the past 12 months and what is planned for the next 12 months? 
• What is the cadence of internal/external network and vulnerability scanning? 

• What is the timescale for the installation of critical patches into the production environment? 
• Is remote access exposed to the internet without any controls such as IP whitelisting? 
• Describe your backup process:  

• Frequency? 
• Onsite/Offsite? 

• Are they segmented and/or encrypted? 
• Are all backups scanned for malware? 
• Do you maintain a hot site or warm site as part of a Business Continuity Plan? 

If you are unable to answer or address these sample questions, you can work with your Solutions Advisor to be sure the appropriate technical controls are in place to maintain the requirements, and our Compliance team to help with the documentation required for the application or renewal process. 

If you are interested in learning more about our strategic alliance with FounderShield, reach out to Roli Points, Sr. VP of Strategic Partnerships, at (877) 678-8080. 

Cybersecurity with Sourcepass

This information is provided to allow Sourcepass to work with partners to develop best practices to integrate Sourcepass cyber security solutions to reduce risk exposure and mitigate potential losses.  Sourcepass and its employees are not licensed producers and therefore are not engaging in the sale, solicitation or negotiation of insurance and are NOT offering advice regarding insurance terms, conditions, premium rates or claims.  Customers and partners in need of such services should be advised to consult with an appropriately licensed insurance producer, agent, broker or claims adjuster.