By Ryan Windt | Head of Growth Marketing | Updated April 2026 Tech companies and SaaS businesses working toward SOC 2 compliance tend to ask a version of the same question at some point: if we have SOC 2, do we still need cyber insurance? The short answer is yes. But the more useful answer […]

By Ryan Windt | Head of Growth Marketing | Updated May 2026 Most businesses set up email and never think about it again. The domain works. Mail goes out. Replies come back. That is the entire mental model. It is also why email remains the entry point for the majority of cyber insurance claims filed […]

By Ryan Windt | Head of Growth Marketing | Updated May 2026 If you have filled out a cyber insurance application in the last 12 months, you have seen the credential and access control questions getting longer. Two years ago, underwriters wanted to know if you had MFA on email and remote access. A year […]

By Ryan Windt | Head of Growth Marketing | Updated April 2026 If you have filled out a cyber insurance application in the last two years, you have seen the EDR question. It shows up in different forms depending on the carrier, but the intent is always the same: do you have endpoint detection and […]

By Ryan Windt | Head of Growth Marketing | Updated April 2026 If you have read anything about qualifying for cyber insurance in the last two years, you have seen the phrase “immutable backups” somewhere in the requirements list. It appears in underwriting questionnaires, in policy conditions, in carrier declination letters, and in post-incident forensic […]

By Ryan Windt | Head of Growth Marketing | Updated April 2026 Most businesses have some version of an incident response plan. It lives in a shared drive somewhere, it was written two or three years ago by someone who has since left the company, and nobody has looked at it since. That document will […]

By Ryan Windt | Head of Growth Marketing | Updated April 2026 Multi-factor authentication is the single control that appears on every cyber insurance application, every underwriting questionnaire, and every carrier declination letter when it is missing. It is also the control that generates the most confusion when businesses actually try to implement it. What […]

By Ryan Windt | Head of Growth Marketing | Updated May 2026 Most businesses treat cyber insurance renewal the same way they treat renewing a lease: sign the paperwork, hope the rate does not jump too much, and move on. That approach is leaving money on the table and, in some cases, creating coverage gaps […]

By Ryan Windt | Head of Growth Marketing | Updated May 2026 Executive Summary PCI DSS v4.0 has been fully in effect since March 2025. Organizations that have not yet addressed the payment-page script controls, expanded MFA requirements, and Targeted Risk Analysis framework are now operating out of compliance, and that gap shows up directly […]

By Ryan Windt | Head of Growth Marketing | Updated May 2026 Cyber risk used to live on the CISO’s desk. It no longer stays there. Ransomware incidents that shut down operations for days, regulatory fines that follow data breaches, and third-party liability claims from clients who suffered losses through your systems are all balance […]

By Ryan Windt | Head of Growth Marketing | Updated May 2026 MSPs are the highest-value target in the cyber insurance market. Not because attackers are particularly interested in your business, but because compromising one MSP can mean simultaneous access to dozens or hundreds of client environments. Carriers call this aggregation risk, and it is […]