The cyber insurance industry has definitely matured in recent years, but it’s far from being all grown-up (aren’t we all). However, a recent observation by critical infrastructure security industry veteran and evangelist Dale Peterson points out some attempted adjustments by insurers in response to increased claims, including raising rates (varying between 11% and 40%) and building in more exclusions. Two notable exclusions that would result in a claims denial noted by Dale, the presence or vulnerability of: (vulnerable versions of) SolarWinds Orion and Microsoft Exchange. While cyber insurance does offer one layer of security, it doesn’t cover a multitude of sins. Most insurers require organizations to complete risk assessments prior to approving coverage, and it looks like some are being specific about denying claims from organizations not following prevailing guidance, such as updating systems. Read more at Dale Peterson.