
Companion Guide: How to Prepare for Your Cyber Insurance Renewal & Ransomware Questionnaire

  • Alan S
  • Dec 1, 2025

Cyber insurance renewals aren’t what they used to be. The days of a one-page application and a quick signature are gone. Carriers now require detailed security documentation, ransomware supplemental forms, and proof that your business meets minimum cybersecurity standards.



This guide walks you through how to prepare, what information you’ll need, and how to avoid surprises so your renewal goes smoothly.


Before You Start a Cyber Insurance Renewal: Know What the Insurer Is Looking For

Insurance companies are no longer asking questions “just because.” Every question in the ransomware supplemental form points to a control that directly reduces ransomware risk.


They want to know:

  • Can attackers log in with only a stolen password? (MFA)

  • Can ransomware destroy your backups? (Backup immutability)

  • Will someone notice if your systems are under attack? (EDR/SOC)

  • Are you running outdated or unsupported software? (OS versioning)

  • How easily can ransomware spread if it gets in? (Admin rights, network segmentation)


Put simply: the insurer wants evidence that an attack won’t cripple your business, or their balance sheet.


Gather These Items Before Filling Out the Questionnaire

Having the following information ready will make the process far smoother. Share this list with your IT provider so they can assist.


MFA Coverage Map

  • List where multi-factor authentication is enabled:

    • Email

    • VPN

    • Remote access

    • Admin accounts

    • Critical applications

Backup Summary

  • Include:

    • How often backups run

    • Whether you have immutable or offline backups

    • How long data is retained

    • When backups were last tested

Endpoint Security Report

  • Document:

    • Which EDR/XDR tool you use

    • Whether it’s installed on all servers/workstations

    • Who monitors alerts (internal team or 24/7 SOC)

Patch Management Report

  • Be ready to show:

    • Patch cycle frequency (weekly is ideal)

    • How critical patches are handled

    • Whether legacy systems exist

Admin Accounts & Privileged Access Review

  • Provide:

    • Number of admin users

    • Whether admins use separate accounts for daily work

    • How often access is reviewed

Email Security Details

  • Note:

    • Phishing protection solution

    • DMARC/SPF/DKIM configuration

    • Employee security awareness training frequency


Identify Gaps Early, Before Renewal Time

Most SMBs discover at least one gap while preparing the application. That’s normal. What the insurer wants to see is that you’re actively addressing those gaps.


Typical red flags that delay or block coverage:

  • No MFA for email or admin accounts

  • Backups stored only online with no immutability

  • No EDR or outdated antivirus

  • Unsupported operating systems (Windows 7/10)

  • Flat networks with no security segmentation

  • Excessive admin rights

  • Weak or nonexistent patching process

If you find issues, don’t wait for renewal day; start remediation conversations early.


Work With the Right People During the Process

You should not fill out these forms alone.


Your Insurance Broker

They can:

  • Explain what the insurer is truly asking

  • Push back if requirements are unreasonable

  • Clarify what is mandatory vs. “nice to have”

  • Shop carriers if one isn’t a good fit


Your IT Provider or Cybersecurity Advisor

They can:

  • Translate technical questions

  • Provide accurate answers

  • Implement missing controls

  • Supply policy documentation insurers expect

  • Validate that controls meet carrier standards


Your Internal Stakeholders

Loop in:

  • Ownership

  • Finance (budget)

  • HR (training requirements)

  • Operations


Cyber insurance is about the entire business, not just IT.


What Carriers Expect in 2026 (The New Minimums)

Most insurers now require these controls just to quote a policy:


Required

  • MFA for email, remote access, and admin accounts

  • EDR on all endpoints

  • Immutable or offline backups

  • Weekly patching

  • Privileged access controls

  • Email filtering/phishing protection

  • Security awareness training

  • Supported operating systems only

  • Documented incident response plan


Increasingly Expected

  • 24/7 SOC monitoring

  • Geo-blocking

  • Vulnerability scanning

  • Third-party access controls

  • BCDR plan with annual testing


If you don’t meet the minimums, carriers may:

  • Increase premiums

  • Limit ransomware coverage

  • Exclude certain losses

  • Decline coverage entirely


How to Position Your Business for a Smooth Renewal

Follow this simple checklist:


60–90 Days Before Renewal

  • Request all questionnaires early

  • Meet with your IT provider to assess gaps

  • Build a remediation plan

  • Begin upgrading systems or implementing missing controls

30 Days Before Renewal

  • Finalize answers with your broker

  • Gather evidence (reports, logs, policies)

  • Confirm renewal terms and pricing

At Renewal

  • Review any new exclusions

  • Evaluate new coverage limits

  • Validate that premium changes align with your security improvements

After Renewal

  • Monitor and maintain all required controls

  • Test backups quarterly

  • Review admin accounts monthly

  • Train employees regularly


Cyber insurance is no longer “set it and forget it.” It’s now an ongoing security program.


Final Advice for SMB Owners


Cyber insurance applications can feel intimidating, but they actually highlight the same practices your business needs to stay safe.


Don’t treat the questionnaire as a burden; treat it as a roadmap.


If something doesn’t make sense, or if you’re unsure whether your security controls meet insurer expectations, that’s when you should bring in experts.


Hudson and I help SMBs navigate these applications, close security gaps, and prepare for renewals without the stress or guesswork.


Whenever you’re ready, we’re here to guide you.

 
 
 
