How is your cyber insurance defensibility managed?

If a claim were reviewed after an incident, would your information security practices hold up? You can be confident that they will.

I provide small and mid-size businesses with an Independent Defensibility Assessment, a professional evaluation of whether their information security program is defensible to their insurer, their partners, and their customers.

The assessment is part of Defensibility Management.

Cyber Insurance Readiness

An independent review of whether your cyber insurance questionnaire items and their supporting practices would withstand insurer scrutiny. Not a checklist. A conclusion, with documentation on how to demonstrate your defensibility.

Learn more

Information Security Program Governance

Practical, right-sized governance built around your business, how you make money, and what you need to protect. No unnecessary overhead.

Learn more

Why not just use AI?

AI can map your controls to a questionnaire. It cannot tell you whether your answers would hold up. That determination takes a conversation about how your business operates, how your controls work day to day, and whether the evidence you have would satisfy an insurer reviewing a claim. I use AI as part of this process. What I add is the judgement to reach a defensible conclusion, and the independence to stand behind it.

Book a Consultation

Assess that your cyber insurance claim will not be denied due to a fixable defect in your information security program or consider other information security services.