← All topics
Cyber-insurance readiness

Detection & Monitoring

Visibility into sensitive systems.

Why it matters

You can't respond to what you can't see — logging and segmentation contain the blast radius.

What strong practice looks like

Logging, monitoring of sensitive systems, and network segmentation.

What this area covers

Is an IDS/IPS in place?

IDS/IPS are systems that watch your network traffic for signs of an attack. Carriers ask because catching an intruder early — before they’ve moved through your systems — dramatically limits the damage.

  • IDS (intrusion detection system) is like a security camera — it spots suspicious activity and raises an alert.
  • IPS (intrusion prevention system) goes one step further — it spots and blocks the suspicious activity automatically.

CISA — Securing Networks ↗ — what good looks like

Are sensitive-data servers isolated by network segmentation?

Network segmentation means dividing your network into separate sections instead of one big open space — so if an attacker gets into one area, they can’t freely reach everything else. Think of watertight compartments in a ship: a leak in one doesn’t sink the whole vessel.

This question is specifically about isolating the servers that hold sensitive data. Carriers ask because segmentation is one of the strongest ways to contain a breach.

CISA — Network Segmentation ↗ — what good looks like

Also covered in this area

  • Are logging and monitoring enabled on sensitive-data systems?

This library is general education, not advice about your specific organization. It describes what each control is and what strong practice looks like; whether and how any of it applies to you is your decision, in consultation with your carrier, broker, or counsel.