Everything you need to know to qualify for a reduced claims retention.
Risk Prevention Services is a risk prevention solution shown to reduce frequency and cost of cyber breaches by cutting through the noise and helping organizations stay ahead of emerging cyber threats. Corvus Risk Prevention Services provides 24/7 access to our Risk Dashboard, continuous threat intelligence monitoring, and hands-on help from cybersecurity experts.
Corvus has observed that policyholders that engage with Risk Prevention Services have a 20% reduction in cyber claim frequency. As a way to reward policyholders for engaging with our risk prevention solution, and to encourage more to do so, we are adding a Retention Reduction Endorsement to all new and renewing primary policies beginning in July 2023. The Retention Reduction Endorsement allows engaged policyholders to reduce their claim retention by 25%.*
Click here for more on Corvus Risk Prevention Services.
Who qualifies for a reduced claims retention through the Retention Reduction Endorsement?
To qualify for a reduced claims retention, you must (1) have the endorsement on your policy and (2) be considered an engaged policyholder. Policyholders are considered to be “engaged” if someone with knowledge of the insured's IT and security systems completes all modules within the Security Questionnaire section of the Corvus Risk Dashboard.
What is the Corvus Risk Dashboard?
The Corvus Risk Dashboard is a proprietary platform with 24/7 access to scan findings, threat alerts and self-guided security assessments. All policyholders can log in and take immediate action on tailored recommendations, along with personalized introductions to Corvus-vetted security and incident response vendors.
What is the Security Questionnaire within the Corvus Risk Dashboard?
The Security Questionnaire is located within the Corvus Risk Dashboard. The Security Questionnaire section consists of modules that give you the ability to assess your internal cyber security program and controls. Once a module is complete, you will receive a tailored list of recommendations through the Action Center.
You will need someone with an up-to-date understanding of your organization’s IT infrastructure and cybersecurity posture to complete the Security Questionnaires. If the right person does not have a registered account with Corvus, click the “team” tab in the top right corner of your Policyholder Dashboard to add them.
What modules are included within the Security Questionnaire?
Part 1: Smart Controls (est. time to complete: ~10 mins)
- Baseline security controls to protect your organization.
- These controls are assessed during our underwriting process.
Part 2: Security Advanced (est. time to complete: ~15 mins)
- Above and beyond security control recommendations to continue along your security journey.
- Additional recommendations beyond ‘table stakes’ security controls in Part 1.
How long will it take me to complete all modules?
There are approximately 30 questions across the two modules. We anticipate that it will take 30 minutes or less for someone with knowledge of your organization’s IT infrastructure and security program to complete the questions.
Do we have to have "favorable" answers to get the deductible reduction?
No! Just answer every question accurately, and for any responses that are areas for improvement, you'll see recommendations in the Action Center. Please be sure to fill in any text boxes as well to make sure you get credit for finishing!
Can a broker complete the Security Questionnaire on behalf of your organization?
No, the Security Questionnaire modules are only available in the policyholder’s Risk Dashboard. As such, they must be completed by someone within the organization (or an IT MSP) that has an up-to-date understanding of their IT infrastructure and cybersecurity posture.
What products is the endorsement available for?
-
Cyber Primary
-
Tech E&O Primary
Will the Security Questionnaire modules change over time?
We do plan to update the Security Questionnaire modules to account for additional controls and the evolving threat landscape. However, we aim to keep the frequency of changes low. Whenever changes are introduced, they will be broadly announced to policyholders. A 30-day grace period will be given to update and complete any new questions to remain as “engaged” under the endorsement.
*The max reduction cap will depend on the program and endorsement terms.