Cyber security insurance used to be like any other risk management tool. Manage it by building internal expertise, outsource it to a specialist provider; or lay it off to an underwriter or insurer. Cyber insurance has been seen as an effective risk management option to protect against loosely defined operational risks for many years.
Things are changing. Right now, cyber insurance is becoming increasingly difficult and costly to procure. It’s at the point where you need to verify your ability to manage the security risks in order to be eligible to insure them.