Cyber insurance - complementary services rating methodology

In order to help you to select a cyber insurance provider that can offer a policy most tailored to your particular needs, we came up with a simplistic framework that rates the complementary / proactive services and a product transparency.

Starting with complementary / proactive services:

S – Best-in-class - Integrated security platform; qualitatively different from everything below it. Have everything or almost everything there is to offer - flexible, scalable, reliable.

A – Integrated - Five or more services including multiple Tier 1. Meaningful risk reduction across most attack vectors. Most of the big hitters are included, comprehensive service catalogue.

B – Proactive - Three to four services including at least one Tier 1 (VS or MDR). A genuine proactive layer for most policyholders. Offer is often limited to local partnership arrangements that insurer might have.

C – Emerging - Two substantive services or one tier 1 plus a supporting service. Some pre-loss value but incomplete.

D – Entry - One meaningful service, or a low-weight combination. Minimal differentiation beyond coverage terms. There is no catalogue, just one or two throwaways.

F - Indemnity only - No proactive services. Pure risk transfer product. Common among insurers that are working only through brokers. It doesn't make those products bad, it just means that extra features might be provided by the intermediary instead.

As much as those services can help you to prevent and respond to a cyber crisis, they should go on top of the actual cyber insurance policy.
And the best cyber insurance products have all the information regarding the terms, limits, premiums, prerequisites, revenue thresholds available to you without the need to answer 25 questions in some quote request form.