Cyber Insurance Explained: What Blue Teams Need to Know Before an Incident
Description
From teaching AP art history to brokering cyber insurance deals. 🎓➡️🛡️
In this episode of Simply Defensive, Josh Mason and Wade Wells sit down with Andy Runyan from Yukon to break down everything blue teamers need to know about cyber insurance — before an incident happens. Andy shares his unconventional journey from fourth-generation educator and baseball coach to becoming a cyber insurance specialist, and explains why understanding your policy is just as important as your incident response plan.
What you'll hear:
🔹 How cyber insurance actually works (and what it doesn't cover)
🔹 Why having an incident response retainer matters — before you need it
🔹 The role of cyber insurance in incident response and recovery
🔹 Third-party contract requirements and state mandates on the rise
🔹 Common mistakes companies make when filing claims
🔹 FTC Safeguard Rules and what they mean for businesses
🔹 How to prepare your organization for cyber insurance requirements
🔹 What lowers premiums (and what should, but doesn't)
Why This Matters for Blue Teamers:
If you're in a SOC or handling incident response, you will interact with cyber insurance at some point. Understanding how policies work, what triggers coverage, and how to prepare can make the difference between a smooth recovery and a catastrophic financial loss. This episode gives you the insider knowledge to help your organization be ready.
⏱️ Timestamps:
00:00 Introduction and Welcome
00:15 Andy's Unique Background: From Teacher to Cyber Insurance
03:00 Getting Into Cyber Insurance in 2019
04:00 The Wild West of Cyber Insurance During COVID
06:00 When Companies Actually Buy Cyber Insurance
08:00 What Blue Teamers Need to Know About Insurance
10:00 The Problem with Incident Response Retainers
12:00 How Insurance Companies Handle IR vs. What You Need
15:00 Multi-Factor Authentication and Premium Discounts
18:00 Why Having an IR Plan Doesn't Lower Your Premium (But Should)
21:00 Third-Party Contract Requirements on the Rise
24:00 State Mandates: What's Coming Next?
27:00 FTC Safeguard Rules and Compliance Reality
30:00 Where to Learn More About Yukon
🔗 Connect with Andy Runyan:
→ Yukon Website: https://www.ukon.com
→ LinkedIn: https://www.linkedin.com/in/andy-runyan
→ Email: andy.runyan@ukon.com
👥 Connect with the Hosts:
→ Josh Mason: https://www.linkedin.com/in/joshuacmason/
→ Wade Wells: https://www.linkedin.com/in/wadingthrulogs/
→ Swimlane: https://www.linkedin.com/company/swimlane
🎙️ Listen on Your Favorite Platform:
→ Spotify: https://open.spotify.com/show/72QTocT5FSTSPV7o1UcMS4
→ Apple Podcasts: https://podcasts.apple.com/us/podcast/simply-defensive/id1773806182
→ Full Playlist: https://youtube.com/playlist?list=PL4Q-ttyNIRAr6DVrsASx1-Fv-TsooJ3M4
👍 If you enjoyed this episode, don't forget to like, subscribe, and share with your fellow defenders. Every week, Josh Mason and Wade Wells bring you practical, no-fluff conversations with cybersecurity professionals who are doing the work.
💡 Brought to you by ThreatLocker – Secure your business with zero trust application control. https://www.threatlocker.com/simplydefensive
=========================
Sponsored by @ThreatLocker - Free 30-day trial visit:
https://www.threatlocker.com/simplydefensive
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials
=========================
This podcast is presented by Simply Cyber Media Group
United States
