Cyber risk isn’t standing still, and neither is the language that defines it. As new threats emerge and attackers evolve, the terms shaping cyber coverage are shifting too. If you’re not fluent in this new vocabulary, you could be missing critical details in the policies you place.
That’s why, in honor of Cybersecurity Awareness Month, we turned to Ed Chadwick, VP and Professional Lines Broker at Jencap. With over a decade of experience navigating the nuances of cyber coverage, Chadwick breaks down the key terms every agent should know and why they matter in today’s market.
Definition: Ransomware uses malware to encrypt systems and demands payment for decryption. Extortion is broader: threatening to leak, sell, or publicly expose data (or IP) to coerce payment, even without encryption.
Chadwick’s Take: All ransomware is extortion, but not all extortion is ransomware. Don’t assume a ransomware grant automatically covers non-encryption extortion events. Be sure to confirm the extortion language.
Definition (EDR): Software on endpoints (laptops/servers) that continuously monitors, detects, and responds to threats.
Chadwick’s Take: It’s table stakes. Underwriters ask about EDR, and lack of it can mean sublimits or exclusions.
Definition (MDR): An outsourced, 24/7 security operations service that blends tooling with human analysts to investigate and contain threats.
Chadwick’s Take: Think of it as renting a security team. It’s a maturity signal that can improve terms and pricing conversations.
Definition (XDR): A platform that unifies telemetry across endpoints, network, cloud, and servers for faster, more accurate detection and response.
Chadwick’s Take: XDR, the latest and greatest, breaks down silos by pulling intelligence from multiple layers, making it easier to spot malicious code early.
Definition: Commercialized ransomware kits and affiliate programs sold or leased on the dark web.
Chadwick’s Take: Lower barriers mean more attempts. Strong carriers pair policies with threat intel and dark-web scanning, which is part of why modern cyber is 50% service, 50% insurance.
Definition (deepfakes): AI-generated audio/video/images that convincingly mimic real people.
Chadwick’s Take: Deepfakes now supercharge social engineering. Think about a fake CEO voice okaying a transfer. Coverage typically sits under cybercrime/social engineering, so set expectations on limits and wording.
Definition (social engineering): Manipulating people (via email, phone, SMS, video) into harmful actions or divulging credentials.
Chadwick’s Take: It’s more than phishing. Voice (“vishing”), text, and video lures are rising. Agents should verify crime/social engineering grants and sublimits.
Definition (dependent/contingent business interruption): Coverage for income loss when third-party providers (IT/SaaS or even non-tech suppliers) go down due to a cyber event.
Chadwick’s Take: This is arguably the most misunderstood area, and too often heavily sublimited. For small to midsize buyers carrying $1–$5M towers, aim for full policy limits where possible.
Definition (accumulation risk): Many insureds impacted by a single point of failure, like a cloud vendor or MSP outage.
Chadwick’s Take: Attacking one MSP can kneecap dozens of downstream clients. This is why dependent/contingent BI deserves serious attention—and why capacity can tighten.
Knowing the terms is one thing. Knowing how they show up in underwriting conversations, and how they should shape your coverage recommendations, is where agents add real value. Here are a few key considerations Ed Chadwick says every agent should keep in mind when translating vocabulary into action:
1. Underwriters care as much about controls as they do about coverage.
Tools like EDR, MDR, and XDR are baseline expectations. If a client lacks them, they could face sublimits, exclusions, or even declinations. Other controls that move the needle include:
2. Policy wording details can make or break a claim.
A shared vocabulary helps you dig deeper into how a policy is structured. Some examples Chadwick sees agents miss most often:
3. Don’t forget about third-party dependencies.
Terms like accumulation risk and dependent business interruption point to exposures that extend beyond your client’s four walls. A single MSP outage or cloud provider failure can ripple through dozens of downstream businesses, so mapping out vendors and supply chain partners should be part of every cyber risk conversation.
Markets may all say they “do cyber,” but coverage, services, and claims cultures vary widely. Jencap brings deep product understanding and forward-looking scrutiny, probing for the next attack vector so the quote you deliver is the right product for your client today. As Chadwick puts it, “We’re looking at the client’s controls, their industry, how their vendors tie into their exposure, and where the language in a policy actually matters. Two cyber policies might look identical on paper, but when you dig into the endorsements, the sublimits, the triggers, they’re not even close. That’s where we come in.”
Want a quick glossary-guided policy scrub? Jencap’s Cyber team can review ransomware versus extortion wording, dependent/contingent BI limits, and control posture before renewal. Reach out to our specialized Professional Lines team today.