As cyberattacks grow, cyber insurance is increasingly becoming a cost of doing business at law firms. But securing that cyber insurance is also becoming more difficult. Small law firms are facing insurance carriers that are placing a heavier emphasis on proactive cybersecurity measures, dropping clients, and even exiting the cyber insurance space when the risk outweighs the premium.

In the last eight months, insurance carriers have increasingly dropped policyholders that don’t have multifactor authentication in place, which typically includes small law firm clients, noted Amy Landefeld, cyber product lead and digital underwriting manager at insurance provider Beazley.