How Cyber Risk Insurers Decide What to Charge You

by

Will my company need to spend more on its cyber risk insurance or not? Every company shopping for cyber risk insurance wonders about this, especially given the security risks of AI and major global outages that come out of the blue, like the recent CrowdStrike outage that snarled global business for days.

With the additional risks posed by AI and advancing technologies, cyber risk insurers are more careful than ever during client assessments these days. Is there one standard rule of thumb they’re using to set policy prices? Unfortunately, no. The truth is, your policy coverage levels and costs are entirely customized to your business and its needs, no matter what brokerage you work through. In the end, that customization is a good thing.

 

How Cyber Risk Insurers Assess Your Company Risk

Before writing a policy, we usually coordinate with your IT team or managed IT service provider to assemble your cybersecurity documentation. With this information, we’ll better understand the cybersecurity tools you’re running and how they are maintained. We’ll also understand your systems and how deeply good cybersecurity practices are embedded in your corporate culture.

At EA Partners, we do a thorough assessment before writing any policy, evaluating clients based on these factors:

  • Your industry — including your regulatory load and data loss risks
  • Your size — including the number of employees, locations, and number of devices/endpoints on your system
  • Revenues — how much your company brings in and how quickly those revenues would be impacted during an outage
  • Your cyber risks, including —
    • How well your cybersecurity tools work together and your commitment to a Responsible IT Architecture
    • How much of your business is dependent on third-party software providers
    • The amount of data that you must protect and the monetary impact of a loss of that data
    • The deductibles you are willing to pay
    • Your backup and disaster recovery plan
    • The completeness of your written cybersecurity plans, policies, and procedures, as well as your written monitoring and patching reports
    • The waiting period you can withstand before losses accrue
    • The quality and track effectiveness of your employee cybersecurity awareness training
    • Your commitment to login security and multi-factor authentication
    • Your regulatory exposure and compliance operations

 

Want to Ensure a CrowdStrike-Style Outage Doesn’t Take Down Your Revenues? Integris Can Help.

EA Partners works with Integris to provide Integris Cyber Insure to its clients. In my opinion, it’s one of the most comprehensive plans you can buy for the price. We’d love to help you create a customized cyber risk insurance plan that will cover you for all the significant risks in our online world. Contact us today for a free consultation.

Keep reading

How Can Managed IT Services Improve my Business Security?

How Can Managed IT Services Improve my Business Security?

How Can Managed IT Services Improve my Business Security: The Quick Take Managed IT services provide a comprehensive solution for businesses looking to enhance their security posture. By partnering with a Managed IT Service Provider (MSP), companies can outsource...

How Much Do Managed IT Services Cost?

How Much Do Managed IT Services Cost?

How Much Do Managed IT Services Cost? A Quick Take on Factors and Price Ranges How Much Do Managed IT Services Cost? In 2025, the average small to medium-sized company can expect to pay about $100 to $149 per month, per user to outsource their IT to a managed IT...

The Role of Cybersecurity in IT Support for Law Firms

The Role of Cybersecurity in IT Support for Law Firms

When it comes to hiring IT support for law firms, too many practices are stopping short of making the cybersecurity investments they need. In fact, according to the American Bar Association Tech Report, nearly half of all firms are missing one or more of the key...