In our most recent blog, Brad Pierce discussed what a cyber insurance policy is not. It is not a savior in the wake of a data breach. It is not a replacement for proactive, resilient security measures. What it is, however, is a component of an effective incident response strategy. In this post, I would like to take the time to discuss considerations organizations should take when purchasing a cyber insurance policy.