By: Dan Felzke
At this year’s NetDiligence conference, our Senior Director of Incident Response, Dan Felzke, joined a panel to talk about something that’s getting more complicated every quarter: the relationship between cyber insurance, emerging AI risk, and what actually happens when a breach unfolds.
The discussion focused on real-world challenges, highlighting what insurers are asking, what organizations are actually deploying, and how the two don’t always line up.
Here are the themes that really stuck with us.
There’s no question that AI adoption is accelerating. Teams across the business are experimenting with tools that promise efficiency, automation, and competitive advantage. In many cases, they’re moving faster than formal governance structures can keep up.
Meanwhile, cyber insurance applications still tend to focus on more traditional risk signals. Frameworks from the National Institute of Standards and Technology and programs like Cybersecurity Maturity Model Certification provide strong foundations, but they were not built with widespread generative AI usage in mind.
AI introduces new wrinkles. Data flowing into external models. Internal models trained on sensitive information. Employees experimenting with tools that IT never formally approved. These are real risks, and insurers are still figuring out how to properly assess and price them.
That creates a gray area. Companies may believe they are covered, while underwriters may not fully understand the exposure being introduced. When those assumptions collide, it rarely happens at a convenient time.
One of the most grounded parts of the conversation centered on insurance questionnaires. Many of them confirm that a control exists, but they stop short of asking whether that control is actually effective.
You can state that you have multi-factor authentication. But is it enforced consistently across all systems and privileged accounts?
You can confirm that you run vulnerability scans. But are critical findings remediated within defined timelines, and is someone accountable for tracking them?
From an incident response standpoint, the issue is rarely that organizations have nothing in place. It is more often that controls are partially deployed, inconsistently enforced, or not regularly validated. On paper, everything looks solid. In practice, small gaps compound over time.
That gap between existence and effectiveness is where incidents tend to happen.
The panel also touched on Continuous Threat Exposure Management, or CTEM, which is gaining traction as organizations look for more realistic ways to manage risk.
Instead of treating security like a quarterly task or annual audit, CTEM encourages continuous validation. It connects scanning results to prioritization, remediation, and ongoing monitoring. It recognizes that risk shifts daily, not annually.
This approach aligns much more closely with how attackers operate. Threat actors are not waiting for your next compliance review. Organizations that move toward continuous visibility and response tend to discover issues earlier and resolve them before they escalate.
Incident response tabletop exercises were another topic that sparked discussion, especially those offered through insurance programs.
Tabletops absolutely have value. But when they become overly simplified or designed primarily to check a compliance box, they miss the point. A meaningful exercise should test decision-making under pressure. It should reveal confusion around roles and escalation paths. It should surface communication gaps between technical teams and executive leadership.
If everyone leaves the room feeling completely confident and unchallenged, the scenario probably was not realistic enough. Real incidents are messy. Preparation should reflect that.
A growing number of major breaches originate through vendors, partners, or service providers rather than the primary organization itself. As companies outsource more infrastructure, platforms, and business processes, third-party risk becomes tightly intertwined with internal security.
A simple but practical recommendation discussed on the panel was to start by looking at who your organization is paying. Every vendor relationship represents a level of operational dependency. If they handle your data or support critical systems, their security posture directly affects your exposure.
Extending monitoring and due diligence to third parties is no longer optional. It is part of responsible risk management.
There was also a shared acknowledgment that organizations have more data than ever. Outside-in scans. Dark web monitoring. Risk reports. Exposure dashboards.
The challenge is not visibility. The challenge is action.
How are vulnerabilities prioritized? Who owns remediation? What compensating controls are in place when immediate fixes are not possible? These operational details often determine whether a finding becomes a footnote or a full-scale incident.
The companies that consistently reduce their risk profile are not necessarily the ones with the most tools. They are the ones that follow through.
The biggest takeaway from the panel was not that insurance is broken or that AI is inherently dangerous. It was that security maturity matters more than ever.
As underwriting models evolve and AI adoption expands, organizations that continuously validate controls, actively manage third-party exposure, and pressure-test their response capabilities will be in a much stronger position. That strength shows up not only during an incident, but also in underwriting conversations and coverage negotiations.
Cyber insurance will continue to adapt. AI will continue to evolve. Attackers will continue to innovate.
The organizations that treat security as a living, operational discipline rather than a static compliance exercise will be the ones best positioned to handle what comes next.
If you are taking a fresh look at your incident response readiness or evaluating how AI initiatives may be reshaping your risk profile, these are conversations worth having sooner rather than later.
This recap captures the high-level themes, but the live discussion adds important nuance, real examples, and candid perspectives from across the cyber insurance ecosystem.
If you are responsible for security strategy, risk management, or insurance renewal conversations, it is well worth taking the time to watch the full panel session below. The discussion provides practical insight into how underwriters are thinking, where organizations are falling short, and what security maturity really looks like in today’s environment.