cyber-insurance-readinessYou got their attention. You did a webinar on being prepared for the new requirements in Cyber Insurance OR you just told them about the changes and why they were happening. Now, they are interested in a “Cyber Insurance Readiness Assessment.” What Next?

Your clients’ cyber insurance policy requirements ARE about to change (if they haven’t already).

With high-profile attacks making the news and increase cost for cyber security response (or ransomware payment) insurance providers are moving the goal posts. They are making changes that dramatically impact the way you need to service and sell security stack solutions to your clients.

They no longer take your word for it. Policies are requiring either a third-party penetration test or security assessment providing evidence that common vulnerabilities are addressed, and networks are adequately protected from current known threats. Many are requiring recurring third-party assessments or penetration testing.

Insurance providers are approaching your clients and recommending others to perform these assessments, which opens the door for them to sell and manage your client’s cyber stack. In many cases, the folks performing these assessments happen to be your competitors. This is a surefire way to turn a happy client, into a suspicious-concerned-ready-to-switch-services-nightmare.

BUT How do you get in front of this?

STEP 1: Identify who to start with. I recommend starting with your largest and most profitable clients and do an assessment with them to educate them on their gaps. Anyone who you’d be hard pressed to replace if you had to find MRR to replace them should fall into this list.

STEP 2: Get your clients through a readiness assessment. This will entail asking them a variety of questions around their risks and risk tolerances and how they operate today. You will likely have some of the answers to their technical questions, but you definitely will want to keep them engaged and participating in the discussion beyond simply technical control questions.

STEP 3: Readout Your Cyber Insurance Readiness Assessment. Help them see what they should be investing in so when the insurance person shows up, you’ve already had the conversation and your client feels confident in you and your company rather than waiting for the client to get a big fat surprise!

STEP 4: Get your client more interested in participating in discussions around security. Continue the conversation from your readiness assessment to set them up for a successful program. This might include offering vCSO guidance or some sort of on-going regular analysis and discussion around their security.

I will be covering this specific topic on August 19th:

Crushing Your Client’s Or Prospect’s Cyber Insurance Readiness Assessment

More information at: www.galacticscan.com/friday

In this session, I will dive into how to exactly how you can perform the assessment for a client (or a prospect) and how to perform the readout. Specifically, I will show you what to focus on. Stories that communicate business risk. Ways to increase your cyber stack profitability. A quick checklist to address their objects.

P.S. Did you miss the last session on performing a webinar on educating your clients and prospects about the new cyber insurance requirements before it’s too late? If so, you will want to check this out immediately: https://attendee.gotowebinar.com/recording/6240515063179721730