Cyber Insurance Policy Checklist: Security Benefits You Are Probably Missing

Most cyber insurance policyholders use only 2 of the 10 security benefits included in their policy. Common unused benefits include penetration testing coverage, security awareness training reimbursement, incident response retainer access, breach notification support, legal counsel, crisis communications, dark web monitoring, vulnerability scanning, tabletop exercises and regulatory compliance consulting.

You Are Paying for Benefits You Are Not Using

After working with hundreds of insured organizations, we have noticed a consistent pattern. Most policyholders know about two things their cyber insurance covers: incident response after a breach and legal costs. That is it. They are using 2 of the 10 security benefits their premium pays for.

The remaining 8 benefits sit unused policy year after policy year. They do not roll over. They do not accumulate. When the policy year ends, those benefits are gone. You paid for them and got nothing in return.

This checklist covers the 10 most common security benefits included in Canadian cyber insurance policies. Go through your policy and check which ones you have. Then start using them.

The 10-Item Cyber Insurance Benefits Checklist

1. Penetration Testing Coverage

Many policies cover annual penetration testing under their preventive services or loss prevention provisions. Coverage ranges from $2,500 to $15,000 CAD depending on the policy tier. Search your policy for "security assessment," "risk mitigation" and "pre-breach services" to find this benefit. A standard pentest from Sherlock Forensics starts at $1,500 CAD, well within most policy allocations.

2. Security Awareness Training Reimbursement

Phishing is the number one attack vector for insured claims. Carriers know this, which is why many policies reimburse the cost of security awareness training programs. This can cover platform subscriptions, simulated phishing campaigns and in-person training sessions. Typical allocation is $1,000 to $5,000 CAD per year.

3. Incident Response Retainer

Some policies include a pre-negotiated incident response retainer with an approved forensics vendor. This means you have a team on standby before a breach occurs, with response SLAs already agreed upon. If your policy includes this, activate it now. Do not wait until 2 AM on a Saturday when you discover ransomware on your network. Sherlock Forensics serves as an approved vendor on multiple carrier panels.

4. Breach Notification Services

When a breach affects personal information, Canadian organizations must notify affected individuals under PIPEDA and provincial privacy legislation. Your policy likely covers the costs of notification, including printing, mailing, call center setup and credit monitoring for affected individuals. These costs add up fast. A notification to 10,000 individuals can cost $50,000 to $100,000 CAD.

5. Legal Counsel Access

Most policies provide access to a privacy breach coach or legal counsel who specializes in data breach response. This is not your regular corporate lawyer. This is a specialist who knows privacy law, notification requirements and regulatory expectations. Many policies cover the first 10-20 hours of legal consultation at no additional cost to you.

6. Crisis Communications Support

A breach damages your reputation as much as your systems. Some policies include crisis communications support: a PR professional who helps you craft messaging for customers, employees, media and regulators. This benefit is especially valuable for organizations that have never dealt with public breach communications before.

7. Dark Web Monitoring

Several carriers now include dark web monitoring as a preventive benefit. This service scans dark web marketplaces, forums and paste sites for your organization's data, credentials and brand mentions. If your policy includes this, activate it. Early detection of leaked credentials can prevent a breach before it starts.

8. Vulnerability Scanning Tools

Some policies provide access to vulnerability scanning platforms or reimburse the cost of commercial scanning tools. This is separate from penetration testing. Vulnerability scanning is automated and runs continuously, while penetration testing is manual and conducted periodically. Both are valuable and some policies cover both.

9. Tabletop Exercise Facilitation

Tabletop exercises simulate breach scenarios so your team can practice their response without the pressure of an actual incident. Some policies cover the cost of facilitated tabletop exercises, including scenario development, facilitation and after-action reporting. One exercise per year can dramatically improve your team's breach response performance.

10. Regulatory Compliance Consulting

Navigating PIPEDA, provincial privacy legislation, PCI DSS, GDPR and industry-specific regulations is complex. Some policies include access to compliance consulting services that help you understand your obligations and prepare for regulatory scrutiny. This benefit is particularly valuable for organizations in healthcare, finance and retail.

How to Unlock These Benefits

The process for accessing these benefits is similar across most carriers:

  1. Read your full policy - Not the summary. The actual policy wording. Look for sections on preventive services, risk management and loss prevention.
  2. Call your broker - Ask about each item on this checklist. Your broker may not volunteer this information, so you need to ask directly.
  3. Get written confirmation - For each benefit that applies to your policy, get written confirmation of the coverage amount, the process for accessing it and any pre-approval requirements.
  4. Create a calendar - Map out when you will use each benefit during the policy year. Penetration testing 60-90 days before renewal, training quarterly, tabletop exercise annually.
  5. Track your usage - Keep records of every benefit you use, the associated costs and any reimbursements received. This documentation is valuable at renewal time.

Start With the Highest-Value Benefit

If you can only use one benefit this year, make it the penetration test. It directly reduces your risk, reduces your premium at renewal, provides evidence of due diligence for claims purposes and satisfies a condition that appears on nearly every underwriting questionnaire. No other single benefit delivers as much value per dollar.

Check if your policy covers a penetration test and schedule one before your next renewal. Then work through the rest of the checklist. Your premium pays for these benefits whether you use them or not. Start using them.

FAQ

Cyber Insurance Benefits Questions

What security benefits are commonly included in cyber insurance policies?
Common benefits include penetration testing coverage, security awareness training reimbursement, incident response retainer, breach notification services, legal counsel access, crisis communications support, dark web monitoring, vulnerability scanning tools, tabletop exercise facilitation and regulatory compliance consulting. Most policyholders only use 2 of these 10 benefits.

How do I find out which benefits my policy includes?
Read your full policy document, not just the summary or certificate. Look for sections titled preventive services, risk mitigation, loss prevention or pre-breach services. Then call your broker and ask specifically about each benefit on the checklist. Get confirmation in writing so you have documentation when submitting for reimbursement.

Can I use multiple benefits in the same policy year?
Yes. Most policies allow you to use multiple preventive benefits within the same policy year, subject to individual and aggregate limits. For example, you might use penetration testing coverage, security awareness training reimbursement and an IR retainer all in the same year. Each benefit typically has its own allocation within the total preventive services budget.