New post-claim service provides policyholders up to 100 hours of hands-on security implementation to address the elevated repeat-incident risk that follows a cyber claim

Key News Highlights

• At-Bay expands its InsurSec model with Post-Cyber Event Hardening, to bridge the gap between incident response and sustainable security resilience.
• Businesses that experience a cyber incident are twice as likely to face another one within two years¹; At-Bay’s new service directly targets the unresolved vulnerabilities that drive repeat claims.
• Unlike standard incident response, which focuses on operational recovery, Post-Cyber Event Hardening delivers hands-on security, turning recommendations into actions.

SAN FRANCISCO — March 18, 2026 — At-Bay, the InsurSec provider for the digital age, today announced the launch of Post-Cyber Event Hardening, a new post-claim service available to eligible policyholders that delivers up to 100 hours of hands-on security remediation to help prevent future cyber incidents and strengthen insureds’ security posture.

Ransomware and financial fraud remain the costliest and most frequent drivers of cyber claims among small and mid-market businesses. Yet even after a successful claims response, the underlying vulnerabilities that enabled an attack are often left unresolved. According to industry data, businesses that experience a cyber incident are twice as likely to face a repeat incident within two years.

Post-Cyber Event Hardening addresses this gap directly. *At-Bay’s dedicated security team can work alongside the insured’s IT staff to conduct an in-depth assessment of the highest-risk security gaps remaining in the insured’s environment and implement improvements to help prevent future incidents. 

“We built At-Bay around the belief that insurance and security are better together, and Post-Cyber Event Hardening is one of the clearest expressions of that philosophy,” said Ken Riegler, President of At-Bay Insurance. “While incident response is critical to restoring systems and getting back online, this service ensures that our policyholders walk away from a claim with a more secure environment.”

At-Bay’s Post-Cyber Event Hardening Service Highlights

• **$25,000 sublimit (up to 100 hours) for hands-on security implementation from At-Bay’s dedicated security experts
  
• In-depth assessment of the highest-risk security gaps, going beyond surface-level reviews to identify root causes and systemic vulnerabilities
  
• Prioritized, risk-based remediation plan tailored to each insured’s specific technology environment
  
• Direct implementation support to fix and improve security posture alongside the insured’s IT staff or MSP
  
• Structured, ongoing engagement with continuous tracking and support throughout the improvement process

To learn more about At-Bay’s new Post-Cyber Event Hardening, connect with your At-Bay Underwriter or email us here.

1 Source: Optiv 2025 Cybersecurity Threat and Risk Management Report

*At-Bay Security, LLC is a wholly owned subsidiary of At-Bay, Inc. and provides cybersecurity services. At-Bay Security, LLC does not provide insurance services.

**Post-Cyber Event Hardening is available to eligible policyholders via the Post-Cyber Event Hardening Insuring Agreement endorsement. Please refer to your policy’s endorsement for specific terms and conditions. Coverage enhancements and eligibility are subject to the specific risk profile of the business and underwriting review.