Insurance Companies Are Asking My Business About Its Cybersecurity. What’s the Deal?

You might have noticed that business insurance companies are starting to show an interest in how you are protecting your technology and data. If your org has been in touch with your insurance provider regarding modifying or renewing your business insurance, you were likely handed a lengthy questionnaire about your cybersecurity. Let’s take a look together to help you make informed decisions on how to handle your IT and how to prevent your insurance costs from skyrocketing.

Help! My Business Insurance Company is Asking Questions About My IT!

It might come as a shock to some business owners when they receive a long questionnaire with a lot of technical questions from their business insurance agent. Every provider will be a little different, but in our experience, they are generally asking questions about who handles your IT, how many endpoints you have, what vendors you use, and questions about your backup, cloud hosting, and cybersecurity.

We’re talking about insurance here, so it’s obvious that your answers to these questions could play a role in your actual coverage, your insurance premiums, and in some situations, whether you are actually eligible for coverage.

We’ve been getting questions about this a lot lately, both from clients and other New Hampshire businesses who are worried that they might lose coverage because their IT isn’t as organized or as up-to-date as their insurance provider wants it to be.

It’s a stressful situation, for certain.

Let’s Take a Look at What Your Insurance Company is Asking

Every insurance company is going to be handling this a little differently, and there will be even more variables depending on the industry you are in, the size of your organization, and a few other factors. 

Generally though, the big questions cover more or less the same handful of topics:

  • Do you store sensitive information?
  • If so, where, and how do you back it up?
  • What kind of security policies do you enforce (strong passwords, multi-factor authentication, etc.)?
  • Who is responsible for the management and upkeep of your information technology?
  • How are you protecting electronic correspondence?
  • Are you providing security awareness training and testing in your organization?

If you are in the healthcare industry or the financial industry and work with even more sensitive information than most other businesses, there are already strict regulations to meet, and your insurance provider might want to make sure you are following those guidelines as well.

It’s important to know that your insurance agent doesn’t know anything about what’s in place at your business when it comes to your technology. Your rep probably isn’t especially technical either, which can add to the confusion. Sometimes they might be able to give you some deeper insight into what the most important questions are, but in a lot of the cases we’ve seen, the insurance provider can’t really offer much in the way of guiding your business to meet their compliance standards. 

And honestly, we wouldn’t expect them to. That’s not their role.

Don’t Do This for the Sake of Your Business Insurance

Sure, if you can make some changes to your IT to reduce your overall insurance costs, then that’s a nice win. However, business owners shouldn’t be taking these steps just because your insurance company told you to do so. Forget the savings on your insurance, and look at this as an opportunity to do the right thing for your business.

There’s a reason insurance companies are asking questions about cybersecurity—modern cyber threats have become a much larger problem over the past few years, and it’s only going to get worse. Even for a smaller business, a particularly bad ransomware attack can cost thousands and thousands of dollars. Plus your organization can lose a lot of time dealing with threats, to the point where one attack could put you out of business.

A lot of the standards that your insurance company is looking for aren’t necessarily expensive fixes either. It’s less about throwing money at the wall and more about making sure things are done properly and that your staff understands how to keep your data secure.

Let’s Consider Your Business’ Insurance Requirements

We’ve been helping businesses make sense of cybersecurity requirements and compliance requirements for a long time, and we can help your business review the requests made by your insurance provider and make sure you are doing what’s best for your business.

If you have any questions or want to review your insurance requirements together, give us a phone call at (603) 889-0800.

White Mountain IT

Related Posts

Smishing: A Variety of Phishing Attacks Utilizing SMS

The Dangers of SMS Phishing, or ?Smishing? Ultimately, any plot carried out by a scammer that is trying to either pose as someone else or urge the user to do something particularly dangerous could be considered a phishing attack. This kind of definition goes beyond simple email scams, where you get a message in your inbox urging you to click on links or download infected attachments. There are ot...

Ransomware is One Problem that Leads to Many More

The Simple Fact is that Ransomware Hurts in Many Ways Let?s walk through what a modern ransomware attack might look like, acknowledging all the ways that the affected business would suffer as a result of the infection. A ransomware attack begins with an attacker reaching out and communicating with an intended victim as part of a phishing attack to gain access to said victim?s device or networ...

Mobile Device Management is Critical for Today's Business

Security Enhancement Security is the name of the game and MDM helps enhance the security of mobile devices by policy enforcement. It gives organizations the ability to configure and enforce settings such as password complexity, encryption, and can even wipe a device in the case of theft or loss. It also provides real-time monitoring and alerts for potential security threats, allowing administrato...

Why You Need to Use a Surge Protector, Not a Power Strip

It’s easy to look at a power strip and a surge protector and question if there’s anything that actually makes them different. After all, they both give you extra plugs, right? Yes, but there’s more to it than just that. Let’s review some of the important differences between the two that make one a far better choice for your business’ power delivery needs. What’s So Different About Surge Protec...

Sound Familiar?

Here are some of the most common complaints we hear from businesses that aren’t satisfied with their IT vendor and want to switch to White Mountain.

There is a Better Way!

Give White Mountain IT a Call Today

BOOK A CALL

Nationwide Remote IT Services,

Without a Long Term Contract.

We provide services and support to businesses throughout the US. If we do not have an on-site resource in your area, we can manage a local vendor to provide on-site assistance if and when needed.

All our Managed Services are carried out by our dedicated team of full-time employees. These professionals have successfully cleared multiple security and background checks, ensuring the highest level of service and reliability for your business. 

Need an Onsite Visit?

We've Got You Covered!

Manchester N.H. Office:

121 Riverfront Drive
Manchester NH 03102

Nashua N.H. Office:

33 Main Street
Suite 302
Nashua NH 03064

Client Help Desk        603-889-2210

New Client Inquiries   603-889-0800

OPEN POSITIONS

Client Help Desk

603-889-2210

New Client Inquiries
   603-889-0800

© 2025 All Rights Reserved. Areas We Serve copy_right_image

Protected by Copyscape Plagiarism Checker – Do not copy content from this site.