Questions for Coalition Cyber Insurance and (Optional) Technology Errors & Omissions Insurance

Responses to the questions below are necessary to obtain a quotation for Cyber insurance from Coalition and, if desired, Technology Errors & Omissions coverage. Attestation Questions must be completed for both standalone Cyber insurance and Technology Errors & Omissions coverages. After a quotation for insurance is bound, the Named Insured will be asked to electronically sign an application populated with the responses from the questions below.


General Information

 

 

expected over next 12 months

expected over next 12 months

ATTESTATION QUESTIONS

1. Within the last 3 years has Named Insured suffered any cyber incidents resulting in a claim in excess of $25,000?
 
2. Is Named Insured aware of any circumstances that could give rise to a claim under this insurance policy?
 
3. Does Named Insured implement encryption on laptop computers, desktop computers, and other portable media devices?
   
4. Does Named Insured collect, process, store, transmit, or have access to any Payment Card Information (PCI), Personally Identifiable Information (PII), or Protected Health Information (PHI) other than employees of Named Insured?
 
4a (If Yes) What is the estimated annual volume of payment card transactions (credit cards, debit cards, etc.)?
       
4b (If Yes) How many PII or PHI records does Named Insured collect, process, store, transmit, or have access to?
       
5. For which of the following services do you enforce Multi-Factor Authentication (MFA)?
5a Email
 
5b Virtual Private Network (VPN), Remote Desktop Protocol (RDP), RDWeb, RD Gateway, or other remote access
   
5c Network/cloud administration or other privileged user accounts
   
6. Does Named Insured maintain at least weekly backups of all sensitive or otherwise critical data and all critical business systems offline or on a separate network?
 
7. Does Named Insured require a secondary means of communication to validate the authenticity of funds transfers (ACH, wire, etc.) requests before processing a request in excess of $25,000? *
 
8. Within the last 3 years has Named Insured been subject to any complaints concerning the content of its website, advertising materials, social media, or other publications?
 
9. Does Named Insured enforce procedures to remove content (including third party content) that may infringe or violate any intellectual property or privacy right?
 

TECHNOLOGY ERRORS & OMISSIONS QUESTIONS

1. Please describe the company’s use of technology in delivering its product and/or services.
2. Within the last 3 years has Named Insured been subject to a dispute or claim arising out of a technology error or omission in excess of $25,000?
 
3. Is Named Insured operating as a managed service provider (MSP), or does Named Insured participate directly in or sell technology products/services designed for any of the following industries?

  • Cryptocurrency
  • Cannabis
  • Internet of Things
  • Financial Services
  • Healthcare
  • Blockchain
  • Automotive
  • Aviation
  • Military/Defense
  • Gambling
  • Payment Processing
  • Adult Entertainment
  • Payment Processing
  • Point of Sale (POS) Software/ Hardware/Reseller
  • Professional Services (Legal, Medical, A&E, or other licensed professional services)
 
4. How often are Named Insured’s services provided by written agreement or contract?
5. Identify the standard risk mitigating clauses or methods contained within Named Insured’s agreements or contracts. (Select all that apply)