Denied or Difficulty Renewing Cybersecurity Insurance? Now What?

You’ve submitted inquiry after inquiry to a wide range of cyber security agencies, all promising better rates than the last. Shockingly, however, one after the other your applications are rejected and agencies are refusing to even quote your organization–but why? What happened?



     A rapidly shifting cyber insurance market has brokers on high alert. It also has them working harder to keep pace with coverage restrictions, diminished capacity, underwriting changes, and some significant price increases. These changes place additional burdens on brokers, prompting them to quickly find new solutions.

    As a result, premiums are increasing and coverage may be reduced or denied altogether. Meaning that some cyber security companies are no longer shy about walking away from business that doesn’t whet their appetite.


    Trying to purchase cyber insurance without doing your due diligence can get your application for coverage denied altogether. Insurance companies typically deny an application for cyber insurance because they view that certain company or organization as too risky. The following are common reasons cyber insurance applications are denied:

    • Inadequate cyber security testing procedures and audits

    • Inadequate technical cyber security controls

    • Inadequate cyber incident response plans

    • A lack of backup processes and recovery procedures

    • Inadequate policies concerning the security of vendors and business partners

    • Poor-quality security software and employee training

    In addition, most carriers have begun to require organizations to have the following cyber basics in place first before instating policies.

    • Multifactor authentication

    • Implementing rigorous patch management programs

    • Having a backup segmentation strategy

    • Endpoint security software


    With many years of experience in helping organizations manage cyber risk, our specialists have a deep understanding of cybersecurity risks and defense. Our Security Services help you to identify what can harm your organization, your clients, and your stakeholders and build the right plan to mitigate risk. The old saying goes, “You don’t know what you don’t know.” When it comes to cybersecurity, you cannot defend against a threat if you do not know it is there. We help you understand the risks and identify and implement what your organization needs to defend against cybercrime proactively. Security begins with assessing where you need to be and comparing that with your current security posture.