Let's make sure you qualify and that your policy pays out when you need it.
NZ insurers are asking tougher questions, declining more applicants, and paying out less when the controls weren’t in place. NSP’s cyber insurance assessment shows you exactly where your gaps are, what your insurer is looking for, and how to close the gaps before they become your problem.
What does getting cyber insurance involve?
Cyber insurance proposal forms are more detailed than most businesses expect. They ask specific questions about MFA, patching, backups, incident response plans, and security training and wrong answers can void your policy at claim time, even if an incident wasn’t related to those controls.
NSP helps you understand what each question is actually asking, verify that your controls are in place before you answer, and prepare documentation that supports what you claim. We don’t replace your broker – we give them the technical foundation to submit a strong application.
-
Application Support: Get Your Application Right First Time
-
Cyber Insurance Readiness Assessment: Know Where You Stand Before Insurers Do
-
Strategic Cybersecurity Roadmap: A Plan That Fixes the Right Things First
-
Enhanced Risk Controls: Implement What Insurers Check For
-
Robust Documentation: Build the Evidence Trail That Protects You at Claim Time
-
Periodic Cyber Risk Assessments: Stay Covered Beyond Your First Application
What NZ cyber insurers check for
Cyber insurance in New Zealand has changed significantly in the last few years. Insurers are conducting more detailed assessments before underwriting, asking increasingly specific questions about your security controls, and – critically – using the answers to determine whether they’ll pay out if something goes wrong.
The controls NZ underwriters consistently check for are: multi-factor authentication on email, VPN, remote access tools, admin accounts, and backup systems; a documented patching schedule with evidence of compliance; tested backups with offline or immutable copies; endpoint and email security controls; VPN with MFA for remote access; documented incident response and disaster recovery plans that have been tested annually.
Why does this matter so much? Because wrong answers on an application can void a policy – even if the incident that triggered the claim wasn’t related to those controls.
NSP’s cyber insurance assessment verifies that your controls are actually in place and produces the documentation that proves it when it matters most.
Your Question Answered
1. WHAT IS A CYBER INSURANCE ASSESSMENT?
A cyber insurance assessment reviews your business’s security controls against what NZ insurers require before they’ll underwrite or renew a policy. NSP’s assessment identifies gaps that could affect your eligibility for coverage or your ability to make a successful claim and produces the documentation that supports your application.
2. WHAT DO NZ CYBER INSURERS LOOK FOR?
NZ insurers consistently check for multi-factor authentication on critical systems, a documented patching schedule with evidence of compliance, tested backups with offline or immutable copies, endpoint and email security controls, VPN with MFA for remote access, staff phishing training records, and an incident response plan that has been tested. Requirements vary between insurers but these controls appear across most NZ proposal forms.
3. WHY DO CYBER INSURANCE CLAIMS GET DENIED?
Most denials come down to controls that were stated in the application not actually being in place when the incident occurred or policies not being actively maintained throughout the coverage period. Insurers have voided policies where application answers about MFA or patching were inaccurate, even when the breach wasn’t directly related to those controls. NSP’s assessment and documentation service is specifically designed to prevent this scenario.
4. DO I NEED A CYBER INSURANCE ASSESSMENT BEFORE APPLYING?
Not always but it significantly improves your chances of being accepted and reduces the risk of a claim being denied later. An assessment verifies your controls are actually in place and produces documentation that supports your application answers. Without it, you’re relying on your own judgement about controls that insurers will scrutinise carefully.
5. CAN NSP HELP WITH THE ACTUAL INSURANCE APPLICATION?
Yes. NSP provides application support – helping you understand what each question is actually asking, prepare accurate and defensible answers, and avoid the mistakes that lead to declined applications or voided policies. We work alongside your broker to give them the technical foundation they need to present a strong submission to underwriters.
6. HOW IS A CYBER INSURANCE ASSESSMENT DIFFERENT FROM A STANDARD SECURITY ASSESSMENT?
A standard cyber security assessment looks at your overall risk exposure across all areas. A cyber insurance assessment is specifically scoped to what NZ underwriters are currently checking for – it maps your controls to insurer requirements, identifies what affects your insurability, and produces documentation in a format that supports your application and any future claim.
7. WHAT MAKES NSP'S CYBER INSURANCE ASSESSMENTS DIFFERENT IN NEW ZEALAND?
NSP is a cybersecurity provider, not a broker or insurer. We work alongside your broker to provide the technical verification they can’t do themselves – confirming your controls are actually in place, documenting the evidence, and fixing the gaps before they affect your coverage. Our NZ-based team has direct knowledge of what local underwriters are asking for, and we can refer you to our vCISO service if your assessment reveals broader security leadership gaps.
View more
Optimise your cyber insurance investment
Learn More About NSP's Cybersecurity Solutions
Penetration Testing
Prove your defences hold up
Many NZ insurers ask about regular security testing. An NSP pen test gives you a documented, professional result you can reference directly in your insurance application.
Email Security Service
Lock down your most-targeted entry point
Email filtering, anti-spoofing, and threat detection - the controls NZ insurers check for under email security, implemented and documented by NSP.
vCISO
Ongoing security leadership
If your assessment reveals structural gaps in your security programme, a vCISO provides the ongoing leadership to close them and keeps your posture current for every renewal.
Incident Response
Be ready before something goes wrong
Insurers want to see a tested incident response plan. NSP helps you build, document, and test yours and if an incident does occur, we're the team you call first.
Top Headlines With The Latest News
Stay up to date with our latest resources on cybersecurity.
Cloud
Cloud Migration NZ: Lessons for New Zealand Businesses
What It Takes to Migrate IT Infrastructure in the Pacific Islands and What It Means for Your Business
May 1, 2026
Cybersecurity
Cyber Insurance in 2026: What Gets Covered, Denied, or Priced Out
Cyber Insurance in 2026: What Gets Covered, Denied, or Priced Out
April 20, 2026
Zabeen Hussain - Women in ICT Awards 2026 Entrepreneur Finalist | NSP
Celebrating Zabeen Hussain: NSP Commercial Manager Named Finalist in Women in ICT Awards 2026
April 13, 2026
Cybersecurity
Why Businesses Get Breached Despite Having the Right Security Tools
Why Most Businesses Get Breached Despite Having the Right Security Tools Most businesses believe they're protected because they have security tools. A firewall, antivirus software and maybe an endpoint detection platform.
March 24, 2026
Cybersecurity
Security Preparedness: Why Waiting for a Crisis is Too Late | NSP NZ
You Can't Build a Moat During a Siege: Why Cybersecurity Preparedness Can't Wait
March 23, 2026
Let’s stay in touch!
Enter your details below to stay up-to-date with the latest IT solutions and security measures.