1. Knowledge Nest
  2. For Brokers
  3. Sales + Marketing Documents

Fly By Expedited Renewals Process

Everything you need to know about Fly By Expedited Renewals process.

 đŸ“Œ  Click here to download a PDF guide to Fly By Expedited Renewals

Frequently Asked Questions 

What are the key advantages of the Fly By Expedited Renewals process?

The new Fly By Expedited Renewals process requires less information upon renewal. For risks that qualify, a short form application is completed, versus our typical full renewal application and ransomware supplement.

In addition, qualified risks are automatically quoted at 45 days from expiration without first requiring a renewal application. Subject to our underwriting guidelines, the quoted terms, conditions, and premium will be provided up front. 

Why was the insured’s premium increased?

Because of the unprecedented increases in both claims frequency and severity in the marketplace associated with targeted cyber incidents (cyber crime and ransomware), as well as systemic events (Log4j, Microsoft Exchange, Solarwinds), we have increased rates and minimum premiums. 

Please contact your underwriter for additional information specific to your insured’s renewal.

What are the minimum required controls for all insureds?

For insureds who have less than $25M in revenue and no material changes, the minimum required controls are as follows:

  • Does the applicant have segregated backups?
  • Does the applicant use email security filtering?
  • Does the applicant require Out Of Band Authentication (OOBA) prior to making payments or transferring funds? 

Why does the Fly By Expedited Renewal quote expire 15 days prior to expiration of the current policy?

In order to simplify the renewal process, eligible risks simply need to be cleared against the Fly By Expedited renewal application. Once cleared, the quoted terms become bindable.  

However, Insureds who do not clear eligibility requirements for the Fly By Expedited renewal process may still be eligible for coverage. The quote expires 15 days prior to policy expiration, enabling us to either confirm terms or to quote revised terms, and provide details around what is needed to bind coverage.   

Please note: While the quote expires 15 days prior to expiration, quoted terms can still be validated by the underwriter up to the expiration date of the current policy. 

Why was the Social Engineering and Cyber Crime limit decreased?

Social Engineering, Cyber Crime (phishing, FTF, invoice manipulation), and Ransomware are the top drivers of loss in the cyber marketplace and Social Engineering and Cyber Crime  are leaders with respect to frequency. We can provide a supplemental amount of Social Engineering and Cyber Crime coverage on our policies, for insureds that meet our required controls (below), however this limit is in proportion to our cyber policy limits and subject to the individual characteristics of the risk. 

To provide both the current and long term coverage solutions our insureds require, we have tailored our underwriting approach to Social Engineering and Cyber Crime on an account-by-account basis. 

Can the insured’s Social Engineering and Cyber Crime limit be increased to match the expiring sublimit?

We have listed the controls that must be confirmed by the Insured for us to consider increasing the Social Engineering and Cyber Crime sublimit for an additional premium of approximately 15%.*

Controls to be confirmed:

  • Utilization of an email filtering solution or secure email gateway.
  • Requirement of an out-of-band authentication prior to executing an electronic payment. (Out of band authentication is a secondary verification method with the requester of a funds transfer through a communication channel separate from the original request.)
  • At least an annual social engineering and phishing training for all employees
      • Resources that are available to our insureds:
      • KnowBe4 - Discount can be found at https://info.knowbe4.com/kmsat_get_a_quote_corvus and Free tools can be found at https://www.knowbe4.com/freetools
      • Wizer - Free version can be found at https://www.wizer-training.com/
  • Multi-factor authentication (MFA) in place for access to email.

*Not available for the following classes of business: Banking/Finance/Funds Transfer, Credit Unions, Title and Escrow Agents, Loan Servicing/Mortgage Brokers, Financial and Investment Advisors, PE Firms, Grant Making/Scholarships, Employee Benefits, and Payroll Companies.

What is considered to be a material change in exposure that would exclude an insured from eligibility for the Fly By Expedited Renewal Process? 

A material change is considered when an Insured has either exceeded $25M in revenue or an Insured with revenue in excess of $5M has experienced an increase in revenue  greater than 20% from the prior rated revenue. The prior rated revenue will be confirmed on both the renewal solicitation notification and the quote letter template email to enable the Insured to  compare against the figure provided on the Fly By Expedited Renewal Application.  

The prior rated revenue figure will remain unchanged year-over-year as the rating base allows the Insured to remain eligible for the Fly By Expedited Renewal process, unless the Insured has a material change as described above. 

Another example of a material change is if the Insured has knowledge of a matter that has, or could potentially give rise to a claim or incident. 

This matter must be reported as soon as practicable and disclosed on the Fly By Expedited Renewal Application. Details of such events are to be provided in a separate addendum to the application.

Finally, a failure to maintain the minimum required controls is another example of a material change.

Additional Information and Definitions 

What are segregated backups?

Segregated backups are a strategic backup approach to secure a separate copy of backup data, with the goal of having a protected backup copy that will not be impacted by a ransomware attack. Segregated backups are not accessible through the insured’s primary network/infrastructure and can include cloud backups, air gapped or immutable backups, tape backups that are disconnected at least each night or managed backup-as-a-service (BaaS) solutions. 

For more information, please visit: https://help.corvusinsurance.com/resilient-backup-strategy

What is email filtering and what is considered to be an email filtering solution?

Email filtering software is used to monitor inbound and outbound emails to prevent spam, phishing or malicious emails. Well-known vendors in this space include Mimecast, Proofpoint, and Barracuda. 

For more information, please visit: https://help.corvusinsurance.com/securing-email#SEG

What is out of band authentication?

Out-of-band authentication is a verification process in which a transaction (wire transfer, electronic funds transfer, etc.) initiated via one delivery channel (email) must be verified via an alternative and independent delivery channel (phone) in order for the transaction to be completed. For example, calling the requestor/initiator at a previously verified phone number prior to making a payment or transferring funds. 

For more information, please visit: https://help.corvusinsurance.com/securing-email#OOB

What is social engineering and phishing training?

Social engineering & phishing training is a specific type of security awareness training that focuses on recognizing phishing/smishing/spoofing emails, texts, phone calls, etc. and what people should do when they encounter them. Bad actors are constantly crafting new ways to get inside the infrastructure or network of their targets, and ensuring that personnel are trained, aware and actively looking out for these malicious attempts to perform nefarious activity will put the company in a better position to fight off intruders.

For more information, please visit: https://help.corvusinsurance.com/securing-email#training

What is Multi-Factor Authentication (MFA) and why is it being asked about on the application?

Multi-Factor Authentication (MFA) is an authentication method that requires the user to provide two or more credentials in order to gain access to an application or system. Credentials may include something you know (a password/username), something you have (smartphone or secure USB key), and/or something you are (biometrics such as fingerprint). 

For more information, please visit:

Although MFA is not required for every insured, we collect this information to determine trends between MFA and cyber incidents so our Data Science team can better serve our policyholders and brokers with more granular insights.