The marketplace for cyber liability insurance has changed significantly in the last two years, and since July 1, 2021, even more dramatic changes have occurred. As public entities experience more frequent and severe cyber security incidents, premiums and deductibles have increased, while policy limits have decreased, and the scope of available coverage has contracted. Fewer carriers are writing this type of coverage and underwriting criteria are becoming increasingly stricter. These factors negatively impacted the Authority’s Cyber Liability Program renewal last year, creating a difficult situation where reduced coverage had to be accepted despite an increase in premium. All indications are that the 2022-23 renewal will be even more challenging.
Insurance carriers are now requiring new and more detailed information to consider prospective insureds for coverage. They are seeking to confirm that at least some minimum level of security protocols are in place, and that cyber intrusion countermeasures are actively protecting member computer systems and networks.
Below is a link to a self-assessment of best-practice cyber security measures. Members are strongly encouraged to complete the self-assessment and remediate any deficient items, not only to improve insurability, but also as protection against cyber security incidents.
Your agency’s insurability will be enhanced if you improve your cyber security risk profile. Please note that the self-assessment is for internal use only and does not need to be returned to the Authority.
All members must complete an application through Alliant’s Cyber PE portal by March 18, 2022.
Obtaining Login Credentials
Members who already have Alliant Connect login credentials can use them to access the Cyber PE portal. Please only use Google Chrome or Mozilla Firefox to access the portal. The portal may not function as intended using other web browsers.
Completing the Application
If certain questions cannot be answered at this time, do not allow this to delay submission of the application. While a fully completed application best positions the Authority and individual members to obtain cyber coverage for 2022-23, submitting a partial application by the deadline is preferable to submitting no application, or submitting a late application.
The following sections of the application are essential for members to complete:
- Internal Security
- Email Security
Please click this link to access a recording of a virtual application review session that occurred on March 15, 2022. Representatives from Alliant reviewed the application in its entirety and answered questions from attendees. The passcode to access the recording is SZip!996.
If you have questions about or need assistance with completing the application, please contact:
Account Manager – Lead
Insurance carriers consider certain cyber security controls and protocols crucial for evaluating insurability. Click on the link below for a detailed list of the most essential controls. Please keep this in mind as you complete the application.
Members who need consulting support and technical assistance with analyzing and improving cyber security, may choose to work with an outside vendor. As one option, the Authority has partnered with Ankura, a cyber security firm providing comprehensive solutions to strengthen organizational security using a balanced approach based on incremental improvements. Ankura is available to help members remediate any deficiencies identified in the self-assessment. Please note: engagement of Ankura is at each member’s own expense.
The Authority recently provided virtual cyber security training for members. The first half of the session was intended for all public agency staff, while the second was intended for incident response teams. Full video of the training can be accessed here. Slides are also available for both sessions:.
If you have input you wish to share on how the Authority can better serve member cyber security or coverage needs, please communicate with your assigned Regional Risk Manager. The Authority greatly values member input so that we can provide the best possible programs and services.