99% of organizations have a cyber incident response plan. 73% admit it wouldn't hold up under real pressure. So what's the gap, and how do you close it?

Martin Hinton speaks with Matt Mosley, Incident Response Manager at Sygnia, about what actually happens when ransomware hits on a Friday night, why legal delays cost companies millions, and why AI in incident response needs a human hand on the wheel.

For cyber insurers and underwriters, this episode is essential. A weak cyber incident response plan is not just an operational problem; it is a claims problem. Backup gaps, undefined decision authority, and untested IR playbooks all drive longer recovery timelines and higher loss ratios. Mosley identifies exactly what underwriters should ask at renewal and which answers should raise flags.

RESOURCES

Sygnia

Find Matt on LinkedIn

Most CISOs Admit They Are Not Ready For The Next Big Cyberattack

State CISOs Sound The Alarm: What The 2026 NASCIO-Deloitte Study Means For Government Cyber Risk Insurance

Alibaba's AI Agent Mined Crypto Without Permission. Now What? (Forbes)

There's a New Phishing Scam: Fake Invitations (New York Times)

CHAPTERS

00:00 Understanding Incident Response Preparedness

02:53 The Role of Sygnia in Incident Response

04:13 The Dynamics of Incident Response

08:26 The Human Element in Incident Response

11:54 The Disconnect in Perceived Readiness

14:50 Practicing Incident Response Plans

16:58 Identifying Gaps in Incident Response

18:04 The Cost of Delayed Decision-Making

19:16 Dealing with Hubris in Leadership

21:24 The Complexity of Incident Response Plans

23:29 First Steps in Incident Response

25:24 Involving Key Stakeholders

28:00 Preparing for the Unimaginable

31:38 The Mainstreaming of Cybersecurity Awareness

34:46 The Evolving Landscape of Cyber Insurance

35:22 Visibility Gaps in Hybrid Environments

38:16 The Role of the CISO in Crisis Management

41:45 Communicating Cybersecurity Needs to the Board

45:28 The Impact of AI on Cybersecurity

52:34 Best Practices for Incident Response

56:38 Final Thoughts on Cybersecurity Preparedness

ABOUT CYBER INSURANCE NEWS

Cyber Insurance News and Information is the go-to source for underwriters, brokers, CISOs, and senior executives navigating the cyber insurance market. Published and hosted by Martin Hinton, a journalist with 30 years of experience covering just about everything.

Website: https://cyberinsurancenews.org

Most companies think they understand their cyber risk. They filled out the questionnaire. They renewed the policy.

They checked the box. According to cyber insurance experts Ralph Pasquariello and Craig Sekowski of CYBERRISKIQ, that confidence is one of the most dangerous blind spots in corporate America today.

In this episode of the Cyber Insurance News and Information Podcast, Ralph and Craig return as guests to discuss the cyber insurance gaps that leave organizations exposed precisely when they think they are protected.

WHAT WE COVER:

- Why less than 15% of successful cyber attacks ever become public and what that means for how companies assess their own risk.

- The 200-day average dwell time attackers spend inside corporate networks before detection.

- How AI is being used on both sides of the cyber fight and why your current policy may not cover an AI-enabled attack.

- Why renewing your cyber insurance policy annually without review is leaving companies dangerously exposed.

- Third party damages, class action exposure, and why sublimits matter more than most CFOs realize.

- CYBERRISKIQ's induction into the Society of Risk Management Consultants and what it signals about cyber's growing role in enterprise risk management.

- Why the current flat pricing market is an ideal window to add coverage layers without doubling premiums.

ABOUT THE GUESTS:

Ralph Pasquariello and Craig Sekowski are the founders of CYBERRISKIQ, a cyber insurance and cybersecurity advisory firm. They work with corporations, brokers, and risk managers to identify coverage gaps, assess cyber posture, and align insurance limits with real world exposure. They are members of the Society of Risk Management Consultants.

ABOUT THE HOST:

Martin Hinton is the Executive Editor and Publisher of Cyber Insurance News. With over 30 years of journalism experience across six continents, he covers the cyber insurance market for underwriters, brokers, CISOs, and risk managers.

READ THE FULL ARTICLE:

cyberinsurancenews.org/cyber-insurance-blind-spots-cyber-risk-iq

The Society of Risk Management Consultants (SRMC)

CYBERRISKIQ

Craig Sekowski

Ralph Pasquariello, CLCS

Chapters

00:00 Introduction to Cyber Insurance Awareness.

01:10 The Impact of AI on Cybersecurity.

02:44 The Growing Importance of Cyber Insurance.

06:13 Understanding the Hidden Cyber Threats.

07:56 The Role of Risk Management Consultants.

10:06 Bridging the Gap Between IT and Insurance.

11:58 The Importance of Reading Cyber Insurance Policies.

14:05 The Real Costs of Cyber Breaches.

18:12 The Long-Term Implications of Cyber Incidents.

20:49 Understanding Cyber Insurance and Its Importance.

21:55 The Value of Data in Cybersecurity.

23:24 Identifying Vulnerabilities in Data Management.

24:49 The Evolution of Data Breach Insurance.

27:38 The Reality of Cyber Attacks.

30:02 Raising Awareness in Cybersecurity.

31:55 Current Trends in Cyber Insurance Pricing.

35:06 Improving Insurability Through Cybersecurity Practices.

38:32 The Human Element in Cybersecurity Challenges

SUBSCRIBE for weekly coverage of the cyber insurance market from the source professionals trust.

Is your cyber insurance policy built on what your company says it does, or what it can prove?

In this episode, I speak with Tristan Morris, CEO and co-founder of SplitSecure, and Dylan Hamilton, business development lead, about why the shift from static questionnaires to verifiable controls is reshaping cyber underwriting in 2025 and beyond.

We cover credential theft, privileged access, vendor risk, and why 91% of cyber insurance payouts in 2025 were ransomware-related, even though ransomware represents less than 10% of claims by volume.

If you are an underwriter, broker, CISO, CFO, or general counsel, this episode has direct implications for how you buy, write, and manage cyber risk.

In this episode:

Why questionnaires capture a snapshot, not the truth.

How attackers exploit MFA exceptions.

The three ways MFA gets bypassed in practice.

What verifiable proof of credential discipline looks like.

Why privileged access is the single biggest underwriting differentiator.

The vendor access question every underwriter should be asking.

Resources mentioned:

SplitSecure

Verizon Data Breach Report 2025

IBM Data Breach Report 2025

Delinea Cybersecurity Report 2025

Connect with the guests:

Tristan Morris on LinkedIn

Dylan Hamilton on LinkedIn

Chapters

00:00 The Evolving Landscape of Cyber Insurance

09:22 Understanding the Role of MFA and PAM

14:59 The Financial Impact of Cyber Attacks

21:41 Navigating Credential Management Challenges

25:08 The Future of Cybersecurity Practices

35:29 The Evolution of Cyber Insurance Regulations

38:00 Challenges in Rewarding Best Practices

40:28 The Gray Area of Negligence in Cyber Insurance

44:53 Vendor Risks and Third-Party Access

50:34 The Human Element in Cybersecurity

54:31 Future Trends in Cyber Insurance

59:33 Final Thoughts and Quickfire Questions