
Cyber Insurance Renewal Readiness

Carriers ask for proof of security awareness training and phishing simulation programs on every renewal. Generate the evidence package your broker needs in 90 days, mapped to the carrier supplemental application.


Renewal Season Is Where Training Gaps Cost Real Money

Cyber insurance carriers shifted from soft-touch questionnaires to hard control gates around 2022. Marsh, Aon, and the major carriers all now publish supplemental applications that ask for specific evidence on MFA, EDR, backup, and security awareness training. A weak answer on training raises the premium, narrows coverage, or denies renewal entirely.

The supplemental forms from Travelers, Chubb, Coalition, At-Bay, Beazley, and AXA XL all ask three security awareness questions: what training program runs, who completes it, and what the phishing simulation click-through rate looks like. Most organizations cannot answer the third question with data. That is the gap brokers consistently surface.

RansomLeak runs a 90-day program that delivers what the carrier supplemental needs: workforce-wide training, phishing simulation with measured click-through rate, and a single PDF evidence package the broker can attach to the renewal submission. Customers report premium retention improvements and shorter underwriter back-and-forth.

How It Works

1. Review the carrier supplemental application

Pull the security awareness section from the current supplemental form. Most carriers ask the same three questions, but the wording and evidence format vary. RansomLeak provides a side-by-side mapping for the top six carrier applications.

2. Identify the training and simulation gap

Most organizations have some training in place but lack measured phishing simulation data. The intake call surfaces what gets asked, what evidence already exists, and what needs to ship in the next 90 days.

3. Run the 90-day baseline curriculum

Default curriculum: phishing detection, ransomware response, BEC, MFA hygiene, social engineering, and password manager habits. The workforce completes it inside the 90-day window, with a weekly reminder cadence.

4. Run the phishing simulation alongside training

A standard simulation runs three test waves over the 90 days, with rotating lures and difficulty bands. Click-through rate, report rate, and time-to-report are all tracked per employee. The data feeds the supplemental directly.

5. Generate the broker-ready evidence package

A single PDF compiles training completion records, simulation results, control-mapping to the carrier supplemental, and a one-page executive summary. Hand it to the broker for the renewal submission; no further reformatting is needed.

What You Get

Per-employee training completion record

Dated PDF and CSV showing which exercises each employee finished, when, and at what score. Required by every major carrier supplemental application.

Phishing simulation rate trend

Click-through rate, report rate, and time-to-report measured across three test waves over 90 days. Customers typically see click-through drop from a 20-30% baseline to under 5% by the third wave.

Audit-ready evidence package matching the supplemental

A single PDF mapping every training and simulation artifact to the specific question on the carrier supplemental. Pre-mapped for Travelers, Chubb, Coalition, At-Bay, Beazley, AXA XL, and Marsh broker submissions.

Broker-shareable executive summary

A one-page summary the broker can attach to the renewal submission. Includes program scope, participation rate, simulation trend, and the named exercises completed.

Year-over-year trend report for renewal

Once the program runs annually, you get a year-over-year trend report showing simulation rate improvement and training completion stability. Underwriters reward the trend, not just the snapshot.

What Is Cyber Insurance Readiness Training?

Cyber insurance readiness training is the security awareness program designed to satisfy carrier renewal supplemental applications. Major carriers including Travelers, Chubb, Coalition, At-Bay, Beazley, and AXA XL ask for documented training programs and measured phishing simulation rates as a coverage gate. Without proof, premiums rise, sublimits tighten, or renewal gets denied. Brokers consistently report security awareness training as a top-three control gap during renewal season.

A readiness program runs at minimum 90 days and produces three artifacts: per-employee training completion records, phishing simulation click-through and report rate data, and an evidence package mapped to the specific carrier supplemental. Year-over-year trend reporting matters more than any single snapshot, since underwriters reward measurable improvement. Most carriers want to see click-through rate drop into single digits and report rate climb above 25%.

RansomLeak runs the 90-day program with interactive 3D training, three-wave phishing simulation, and a broker-ready PDF evidence package pre-mapped to the top six carrier supplementals. Customers report premium retention improvements and shorter underwriter back-and-forth. The same data feeds annual SOC 2 and ISO audits without rework.

Frequently Asked Questions

What security teams ask before picking this use case.

Which cyber insurance carriers does the evidence package cover?

Pre-mapped templates exist for Travelers, Chubb, Coalition, At-Bay, Beazley, AXA XL, Hiscox, CFC, and Tokio Marine HCC. Marsh and Aon broker submissions use a combined template that satisfies most carriers. Custom mappings are available on request.

How long does the readiness program take?

The standard cycle is 90 days from kickoff to final evidence package. Workforce training completes in the first 60 days, phishing simulation runs three test waves over the full 90, and the broker package compiles in the last week.

What phishing simulation click-through rate satisfies underwriters?

Most carriers target a click-through rate under 10%, with leaders pushing under 5%. Equally important is the report rate, ideally above 25%. The simulation produces both metrics with the trend across three test waves.

Can we use this for a first-time application, not just renewal?

Yes. First-time applications carry the same supplemental questions but tend to weight initial program design more heavily. The intake call covers first-time application strategy and lets you ship a baseline ahead of submission.

Does the evidence package work with our broker portal?

The PDF and CSV outputs match the format used by Marsh, Aon, Lockton, Gallagher, and HUB. The broker uploads the PDF directly to the carrier portal alongside the supplemental. No reformatting required.

Will this lower our premium?

Premium impact depends on every other control on the application, but customers report retention or modest reductions on renewal after running the program for two cycles. The bigger win is keeping coverage stable when the rest of the market sees policy non-renewal.

Can we add the program mid-policy term?

Yes. Many customers run the 90 days mid-term so the data is fresh on the next renewal supplemental. Some carriers offer mid-term endorsement adjustments when training data improves materially.

Run This Use Case With Your Team

Book a 30-minute walkthrough. Tell us what you are running. We will scope the assignment template and rollout timeline.