De4sec Technology
de4sec.technology
🇦🇺 Australia

Cyber Insurance Readiness Guide

What cyber insurers require in 2026, and how to implement the controls that reduce your premium and ensure your claim is honoured.

Prepared by: De4sec Technology
Contact: support@de4sec.technology
Edition: 2026 · Updated March
CONFIDENTIAL · FOR CLIENT USE ONLY
Contents
  1. Why Cyber Insurance Has Changed
  2. What Insurers Require
  3. The MFA Distinction
  4. Backup Requirements
  5. Incident Response Plan
  6. De4sec Insurance Readiness Engagement
01

Why Cyber Insurance Has Changed

Cyber insurance is no longer a broad, accessible product. Insurers have tightened requirements significantly following large-scale ransomware events. In 2026, businesses that cannot demonstrate baseline security maturity are refused coverage or face exclusions that void claims.

The question is no longer just 'do you have cyber insurance?' but 'will your policy pay out?' That depends on whether the controls you attested to during underwriting are actually in place.

02

What Insurers Require

These controls are now commonly required as part of cyber insurance underwriting. Misrepresenting any of them can void your policy.

Control                | Requirement                               | Common Gap
-----------------------|-------------------------------------------|-------------------------------------------------------
MFA                    | Enforced for all users, including admins  | Enabled but not enforced via Conditional Access
Privileged Access      | Admin accounts separated from daily use   | Single account used for both daily work and admin
Endpoint Protection    | EDR on all devices                        | Legacy AV only, no behavioural detection
Patch Management       | Critical patches applied within 14 days   | Ad hoc, no documented cadence
Backup                 | Tested, offsite, immutable storage        | Exists, but has never been restored from
Incident Response Plan | Documented and tested                     | Written, but stored on the server that gets encrypted
Email Security         | SPF, DKIM and DMARC enforced              | SPF only; DMARC absent or set to p=none
Security Awareness     | Annual training for all staff             | No formal training programme
03

The MFA Distinction

Enabled means users have the option to use MFA. Enforced means they cannot log in without it. Insurers now distinguish between these, and claims have been disputed where the breached account had MFA 'available but not required'.

What enforced looks like

✓ Conditional Access policy requiring MFA for all cloud app access
✓ No user exceptions, not even executives
✓ Legacy authentication protocols disabled
✓ Admin accounts protected with phishing-resistant MFA (hardware key or passkey)
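To make the enabled/enforced distinction checkable rather than a matter of opinion, here is an added example (not De4sec's tooling) that audits a JSON export of Conditional Access policies against the four items above. It assumes the export follows the Microsoft Graph conditionalAccessPolicy shape (state, conditions.users, conditions.applications, conditions.clientAppTypes, grantControls) and runs on a constructed sample in which the group and role IDs are placeholders.

```python
"""Audit exported Entra Conditional Access policies against the four
'what enforced looks like' items above. Added example, not De4sec tooling; it
assumes the JSON shape of the Microsoft Graph conditionalAccessPolicy resource."""

LEGACY_CLIENTS = {"exchangeActiveSync", "other"}  # client app types used by legacy auth


def audit(policies):
    """Pass/fail per item. Only state == 'enabled' counts: a report-only policy
    ('enabledForReportingButNotEnforced') is the 'enabled but not enforced' gap."""
    result = dict.fromkeys(["mfa_required_for_all_cloud_apps", "no_user_exceptions",
                            "legacy_auth_blocked", "admins_phishing_resistant_mfa"], False)
    for p in policies:
        if p.get("state") != "enabled":
            continue
        cond, grant = p.get("conditions", {}), p.get("grantControls") or {}
        users, controls = cond.get("users", {}), grant.get("builtInControls", [])
        strength = grant.get("authenticationStrength") or {}
        everyone = ("All" in users.get("includeUsers", [])
                    and "All" in cond.get("applications", {}).get("includeApplications", []))
        if everyone and ("mfa" in controls or strength):
            result["mfa_required_for_all_cloud_apps"] = True
            if not (users.get("excludeUsers") or users.get("excludeGroups") or users.get("excludeRoles")):
                result["no_user_exceptions"] = True
        if "block" in controls and LEGACY_CLIENTS <= set(cond.get("clientAppTypes", [])):
            result["legacy_auth_blocked"] = True
        # Simplification: recognise the strength by display name rather than by its GUID.
        if users.get("includeRoles") and "phishing-resistant" in strength.get("displayName", "").lower():
            result["admins_phishing_resistant_mfa"] = True
    return result


# Constructed sample export: the all-users MFA policy is report-only and excludes an
# executives group, legacy auth is blocked, admins get a phishing-resistant strength.
SAMPLE_POLICIES = [
    {"displayName": "Require MFA - all users", "state": "enabledForReportingButNotEnforced",
     "conditions": {"users": {"includeUsers": ["All"], "excludeGroups": ["<executives-group-id>"]},
                    "applications": {"includeApplications": ["All"]}, "clientAppTypes": ["all"]},
     "grantControls": {"operator": "OR", "builtInControls": ["mfa"]}},
    {"displayName": "Block legacy authentication", "state": "enabled",
     "conditions": {"users": {"includeUsers": ["All"]}, "applications": {"includeApplications": ["All"]},
                    "clientAppTypes": ["exchangeActiveSync", "other"]},
     "grantControls": {"operator": "OR", "builtInControls": ["block"]}},
    {"displayName": "Admins - phishing-resistant MFA", "state": "enabled",
     "conditions": {"users": {"includeRoles": ["<global-admin-role-id>"]},
                    "applications": {"includeApplications": ["All"]}, "clientAppTypes": ["all"]},
     "grantControls": {"operator": "OR", "authenticationStrength": {"displayName": "Phishing-resistant MFA"}}},
]
```

On the sample, the first two items report a gap (the MFA policy is report-only and carries an exclusion) while the legacy-auth and admin items pass; switching that policy to enabled and removing the exclusion turns all four green.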
04

Backup Requirements

Insurers require backups that are usable in a ransomware scenario, not merely that backups exist.

✓ Immutable storage: cannot be modified even by a compromised admin account
✓ Offsite or separate environment: isolated from primary systems
✓ Tested restore within the past 12 months
✓ 30-day minimum retention
✓ Covers all business-critical data

Microsoft 365 does not provide backup in the insurance-required sense. A third-party backup solution (Veeam, Acronis, Datto) is required.

05

Incident Response Plan

The plan must cover:

✓ Identification: how will you know an incident has occurred?
✓ Escalation: who is first call, who is second call, and when does legal get involved?
✓ Containment: what gets isolated, and who can take systems offline?
✓ Communication: how are staff and clients notified?
✓ Evidence preservation: what not to delete for forensic investigation
✓ Recovery: restore priority order from backup
✓ Post-incident review: lessons learned, controls to update

The plan must be accessible without a working computer. Store a printed copy off-site or in a personal cloud account, not on the company tenant, which may itself be compromised.

06

De4sec Insurance Readiness Engagement

De4sec provides a structured engagement to prepare businesses for underwriting and ensure claims will be honoured.

Gap Assessment
Review the current environment against insurer requirements and identify the specific controls that are missing or only partially in place.
Control Implementation
Implement required controls with full documentation: MFA enforcement, Conditional Access, backup, endpoint protection, email authentication.
Evidence Package
Produce documented evidence for insurers: policy screenshots, compliance reports, backup test results, incident response plan.
Ongoing Compliance
Quarterly reviews to ensure controls remain in place as requirements evolve.
// NEXT STEP

Ready to implement this in your environment?

De4sec provides hands-on implementation, not just advice. Book a free discovery call: we assess your current environment against this guide at no cost and with no obligation.

Book a Free Discovery Call → or visit de4sec.technology
De4sec
© 2026 DE4SEC TECHNOLOGY. ALL RIGHTS RESERVED.