Question 16
Domain 3 — Risk Response and Reporting
What is the primary purpose of purchasing cyber insurance?
Correct answer: B
Explanation
Cyber insurance is designed to shift the cost of cyber incidents from the insured to the insurer. By paying premiums, the policyholder "transfer[s] financial risk to the insurer" so losses from breaches, ransomware, or related claims are covered under the policy.
Why each option is right or wrong
A. To prevent cyber attacks
B. To transfer financial risk to the insurer
Cyber insurance is a risk-financing mechanism: the insured pays a premium and, in return, the insurer assumes covered losses arising from cyber events such as breaches, ransomware, and incident response costs. In insurance law terms, the policy shifts the economic burden of those losses from the policyholder to the carrier, rather than preventing the incident itself or eliminating the underlying exposure.
C. To eliminate technical vulnerabilities
D. To comply with all regulations automatically