Handrails
Cyber insurance renewal

Underwriters increasingly want exercised controls, not just policies.

Insurers increasingly assess operational readiness, exercised controls and response capability, not just documentation. Documented rigor is the lever that moves premiums and retentions.

Get startedSee how it works
Report · underwriter-ready
Live
Renewal tabletop · for brokerReady
BEC detectionPayment halted before release
Out-of-band verificationPO-sourced phone number used
Supplier alerting processNo template to warn other suppliers
MSP escalationTier-2 engaged within 14 min
Named incident officerNot listed on policy schedule
What gets in the way

What insurers actually want to see.

01

Insurers increasingly ask for exercised controls

Evidence of recent simulations and tested response processes increasingly influences underwriting conversations across cyber, operational resilience and commercial risk lines.

02

Premiums, retentions and scrutiny keep rising

Loss history is fixed. Evidence of exercised controls and operational readiness is one of the few underwriting levers companies can still influence.

03

Underwriters reward operational readiness

A brief, documented simulation with named participants and exercised controls gives brokers and underwriters evidence they can actually use during renewal and risk review conversations.

Why do this before renewal

Traditional underwriting reviews vs continuous readiness evidence

The old way

Traditional underwriting process

  • 'Last tabletop' entry is two years old, if any
  • Generic control attestation, no execution evidence
  • Broker has no concrete rigor to push back on the underwriter
  • Premium and retention hikes land unchallenged
With Handrails

Continuous readiness evidence with Handrails

  • Targeted scenario run in the week before submission
  • Named officers, timestamps and decisions in the report
  • Broker attaches the packet directly to the submission
  • Documented rigor moves the quote — repeatedly
How a renewal exercise runs

Underwriter-ready evidence the week before renewal.

Holly runs a targeted scenario built around the controls your broker is asking about. The report lands in the shape underwriters actually read.
1Context in
Context
RenewalT-90 days
LeverPremium · retention
BrokerPre-submission tabletop
ControlsMFA · EDR · immutable backups
FormUnderwriter questionnaire
Named officersPer declarations page
RenewalT-90 days
LeverPremium · retention
BrokerPre-submission tabletop
ControlsMFA · EDR · immutable backups
FormUnderwriter questionnaire
Named officersPer declarations page
Peer eventRansomware in your sector · Q1
Limits$20M / $2M retention
SubmissionT-7 days
In the roomCFO · CISO · Legal · MSP
OutputUnderwriter-ready report
PurposeBetter quote · lower retention
Peer eventRansomware in your sector · Q1
Limits$20M / $2M retention
SubmissionT-7 days
In the roomCFO · CISO · Legal · MSP
OutputUnderwriter-ready report
PurposeBetter quote · lower retention

Scenario built around the questionnaire.

Share the broker cover. Holly writes a scenario that exercises the controls your underwriter cares about: ransomware, BEC, third-party breach — mapped to the exact questions on the form.

2Virtual session
Live · virtual47:32
Holly, the Handrails AI agent, facilitating a session
Speaking
Holly · Handrails AI
Sam · CFO
Lin · CISO
Transcript
Holly

The people on your declarations page.

Named officers, your incident commander, legal, the MSP. Holly runs the session, presses every role, captures decisions the underwriter will read.

3Report out
Renewal tabletop · for brokerReady
BEC detectionPayment halted before release
Out-of-band verificationPO-sourced phone number used
Supplier alerting processNo template to warn other suppliers
MSP escalationTier-2 engaged within 14 min
Named incident officerNot listed on policy schedule

Attach directly to the submission.

Clause citations, a control-effectiveness narrative, named participants in the shape most underwriters accept as-is.

What underwriting teams actually use

A packet underwriters actually read.

Submission-ready report

Shaped to the renewal questionnaire. Your broker attaches it directly to the submission.

Control-effectiveness narrative

Short, concrete write-up of how your operational, continuity, escalation and response controls actually performed under load.

Named-officer log

Decisions attributed to the officers on your declarations page - exactly what underwriters need to see.

Remediation list

Any gaps the exercise surfaces, with owners and target dates - so you carry momentum into next renewal.

Trigger moments

Book a renewal tabletop if your

Renewal is approaching within 90 days
Insurer or broker is requesting stronger evidence of exercised controls
Renewal discussions include a proposed premium or retention increase
Organization recently faced an incident or control gap that exposed weaknesses in response capability
Underwriters are asking how you validate operational readiness

Renewal in 90 days? Run this now.

A ninety-minute targeted tabletop gives your broker something to push with. Book the slot before submission.

Get startedSee how it works