top of page

Cyber Questions

Applicant Type
Incorporated legal entity
Unincorporated or informal business
Individual natural person
Limited Liability Company
Other/Unknown
Ownership Structure
Publicly Traded
Privately Held
Nonprofit
Public/Government Entity
Year established
Total Number of Employees Dedicated to Cybersecurity
Total Number of Employees

Do you currently or will you potentially operate as any of the following?

• Accreditation Services Provider

• Adult Content Provider

• Credit Bureau

• Cryptocurrency Exchange

• Cybersecurity Products and Services

• Data Aggregator/Broker/Warehouse

• Direct Marketer

• Gambling Services Provider

• IT Managed Services Provider

• Manufacturer of Life Safety Products/Software

• Media Production Company

• Payment Processor

• Peer To Peer File Sharing

• Social Media

• Surveillance (Physical or Digital)

• Third Party Claims Administrator

Yes
No
Do you derive more than 50% of its revenue from technology products and services (e.g. software, electronics, telecom)?
Yes
No
Within the past three years, have you had any actual or potential Incidents or Claims
Yes
No

------------------------------------------------------------------------------

Which of the following IT security controls do you have in place?

Antivirus and Firewalls (Windows 10 or higher qualifies for <10 employees)
Yes
No
Unknown
Encryption of Sensitive Data at Rest and In Transit
Yes
No
Unknown
Encryption and Endpoint Protection on Mobile Computing Devices
Yes
No
Unknown
Formal Vulnerability Management and Software Patching Procedures
Yes
No
Unknown
Formal Data Backup and Recovery Procedures in Place and Tested Periodically
Yes
No
Unknown
Formal Cyber Incident Response Plan in Place and Tested Periodically
Yes
No
Unknown
Multifactor Authentication on Corporate Email
Yes
No
Unknown
Multifactor Authentication on Corporate Network, Systems, and VPNs
Yes
No
Unknown

------------------------------------------------------------------------------------

Do you rely on Cloud Computing, Software-as-a-Service, or any other outsourced computer hosting for revenue-generating operations?
Yes
No
Unknown
Do you accept payment card (Credit/debit card) transactions?
Yes
No
Do you deal with protected health information as defined by HIPAA?
Yes
No
Do you have operations or customers in California, or any responsibilities under the California Confidentiality of Medical Information Act?
Yes
No
Unknown
Have you obtained legal review of its use of trademarks, including domain names?
Yes
No
Unknown
Do you currently purchase Professional Liability or E&O insurance?
Yes
No
Do you currently purchase Cyber or Privacy Liability insurance?
Yes
No
Do you intend to purchase E&O and/or Media coverage on a separate and distinct policy? (e.g. with a separate set of limits, or with another carrier?)
Yes
No
Does the policyholder collect, host, store, control, use, process, share, transmit, or have access to any PCI, PII, PHI, or biometric data?
Yes
No
Do you use a third party or Managed Service Provider to administer their Technology?
Yes
no
Do policyholder employees authenticate fund transfer requests, prevent unauthorized employees from initiating wire transfers, verify vendor/supplier bank accounts before adding them to accounts payable systems, and complete annual anti-fraud training
Yes
No
bottom of page