The funny thing is, insurance companies writing these policies are likely going to require that you find and fix the silly, dangerous, unexplainable low-hanging fruit you have on your network and embedded into your IT operations right now that you’re hoping to get insurance coverage against anyway.
You cannot secure nor insure what you don’t acknowledge.
Maybe cyber liability insurance is part of the risk management solution, maybe it’s not. It’s best to keep the horse before the cart. Smart business execs will fix the underlying – often glaring – issues and then consider their risks and weigh their options on this type of coverage.