If you've renewed a cyber insurance policy recently, you've probably noticed the questionnaire has grown. Insurers have paid out enough claims now to know which controls actually reduce risk, and they're asking pointed questions about them.

Common questions include whether multi-factor authentication is enforced for all remote access and email, whether backups are isolated from the primary network, whether an endpoint detection and response tool is in place (not just legacy antivirus), and whether there is a documented incident response plan.

The firms that answer these quickly and accurately tend to get better terms and fewer follow-up questions. The firms that can't do so often find out the hard way: either at renewal time or, worse, when a claim is contested because a control they'd claimed to have wasn't actually in place.

We help clients prepare for this specifically: mapping current controls to what insurers ask, closing gaps, and keeping documentation current so renewal season is a formality, not a fire drill.