News

The latest news and industry updates from Prizm Solutions.

No MFA? No Cyber Essentials? But what about Cyber Insurance?

BACK

Published: 22/06/2026

Despite popular belief, cyber-attacks do not just happen to large corporations. Small and medium-sized businesses are increasingly being targeted by cyber-criminals because they often have fewer security measures in place.

 

Ideally, every business would have a robust cyber-security strategy that includes Multi-Factor Authentication (MFA), up-to-date anti-virus software, firewalls, regular staff training, secure backups, and recognised standards such as a Cyber Essentials certification.

 

The reality, however, is that many businesses haven't yet reached that stage.  Some are still relying on basic security measures. Others may have inherited outdated systems, while some simply haven't had the time, budget or expertise to implement everything that cyber-security experts recommend.

 

The good news is that this doesn't automatically mean cyber insurance is out of reach.

 

Can You Get Cyber Insurance Without Risk Management Measures?
If you’re one of the small businesses that is still trying to catch up, the good news is, possibly - yes. 

 

Whilst insurers generally favour businesses that have strong cyber security controls in place, there are specialist cyber insurance solutions available for businesses that may not yet meet the highest security standards.

 

This means that even if your organisation doesn't currently use MFA, has limited staff cyber awareness training, or has yet to achieve the Cyber Essentials certification, it may still be possible to obtain cyber insurance cover.

 

Every insurer has different underwriting criteria, which is why working with a specialist insurance broker, like Prizm Solutions can be invaluable. We can approach insurers who understand the realities faced by many businesses and identify suitable options based on your current circumstances.

 

Why Some Cover Is Better Than No Cover
Businesses sometimes avoid exploring cyber insurance because they assume they won't qualify, or they worry the premiums will be too expensive. However, the cost of recovering from a cyber-attack can be significantly higher – so it’s definitely worth a conversation with Prizm Solutions to find out more! 

 

A single cyber incident could result in business interruption, loss of revenue, data recovery costs, legal expenses, regulatory investigations, customer notification costs, ransomware demands, and reputational damage.   But what many business owners don't consider is the amount of time involved in recovering from an attack. Systems may be unavailable for days or even weeks, staff productivity can grind to a halt, and business owners often find themselves trying to coordinate IT specialists, legal advisors, regulators and customers during an already stressful situation. 

 

Without cyber insurance, many businesses don't know where to turn for help or who to call first.  But even a modest cyber insurance policy can provide valuable financial protection as well as access to specialist incident response teams who can guide you through the recovery process when you need them most.  And the cost really isn’t that prohibitive – so it’s worth at least getting a quote. 

 

 

Better Security Usually Means Better Premiums
Of course, businesses that implement stronger cyber-security measures will often benefit from wider cover options and more competitive premiums. Simple improvements such as enabling MFA, introducing staff cyber awareness training, keeping software updated, and working towards a Cyber Essentials certification can make a significant difference to both your cyber resilience and your insurance costs.

 

 

Speak to a Specialist Broker
If you've been told that your business isn't ready for cyber insurance, don't assume there are no options available.  The cyber insurance market has evolved considerably, and solutions may be available even if your cyber security arrangements are still a work in progress…

 

Give Prizm Solutions a call, as we’ll be happy to assess your current position, explain any security improvements that could help, and search the market for suitable cover that protects your business while you continue to strengthen your cyber defences.

 

Prizm has recently been named as a BIBA (British Insurance Brokers’ Association) Accredited Cyber Insurance Broker, reflecting our commitment to helping businesses navigate the increasingly complex world of cyber risk with specialist advice, tailored insurance solutions and expert support when it matters most.

 

And if you want to increase your chances of not falling victim to a cyber criminal’s evil advances, speak to our sister company, Maximity about some Cyber Awareness Training for your business. 

 

As well as cyber insurance, Prizm can also help with other personal and business insurances too.  From Personal Accident Insurance and GAP Insurance to Employers Liability Insurance and Management Liability Insurance. Just give one of our friendly team a call – they’ll be happy to help. 

 

Related News

Why choose Prizm?

Take a look at our real clients with honest reviews

View all reviews

We're here to help!

Prizm

This site uses cookies to improve your experience. By clicking, you agree to our Privacy Policy.