As cyber-attacks continue to increase in frequency and sophistication, underwriters are being much more cautious when it comes to cyber insurance. Fuelled by data which suggests certain risk controls and operating environments help mitigate major cyber security risks like ransomware, as well as improve overall cyber security maturity, insurers are being ever more selective about who and what they will cover.

It’s common nowadays for underwriters to ask organisations to document their cyber security practices if they are to qualify for coverage and secure a reasonable premium. While most of the controls insurers look for have been established security practice for years, it’s nevertheless the case that some organisations could improve certain areas to establish better cyber maturity.