ISBA Mutual Cyber Liability Insurance Intake Form Contact Name(Required) First Last Job TitleContact Email(Required) Contact Phone(Required)What is the name of your business?(Required)List any and all websites/domains owned, operated or affiliated with your firm (including any domains used only for email or marketing))Address(Required) Street Address Address Line 2 City AlabamaAlaskaAmerican SamoaArizonaArkansasCaliforniaColoradoConnecticutDelawareDistrict of ColumbiaFloridaGeorgiaGuamHawaiiIdahoIllinoisIndianaIowaKansasKentuckyLouisianaMaineMarylandMassachusettsMichiganMinnesotaMississippiMissouriMontanaNebraskaNevadaNew HampshireNew JerseyNew MexicoNew YorkNorth CarolinaNorth DakotaNorthern Mariana IslandsOhioOklahomaOregonPennsylvaniaPuerto RicoRhode IslandSouth CarolinaSouth DakotaTennesseeTexasUtahU.S. Virgin IslandsVermontVirginiaWashingtonWest VirginiaWisconsinWyomingArmed Forces AmericasArmed Forces EuropeArmed Forces Pacific State ZIP Code Type of Business(Required)Number of Employees (including owners)(Required)Revenue (before any deductions)(Required)Is more than 25% of your firm's gross revenue derived from real estate transactions?(Required) Yes No Within the last three (3) years has the Named Insured suffered any cyber incidents resulting in a claim in excess of $25,000?(Required) Yes No Explain the specifics of the cyber incident(s) the named insured suffered.Is Named Insured aware of any circumstances that could give rise to a claim under this insurance policy?(Required) Yes No If yes, explain the circumstances and/or potential claims.Does the Named Insured implement encryption on laptop computers, desktop computers, and other portable media devices?(Required) Yes No Sometimes Does Named Insured collect, process, store, transmit, or have access to any Payment Card Information (PCI), Personally Identifiable Information (PII), or Protected Health Information (PHI) other than employees of Named Insured?(Required) Yes No (If Yes) What is the estimated annual volume of payment card transactions (credit cards, debit cards, etc.)? No Records Less than 100,000 100,000 - 500,000 500,000 - 1,000,000 Over 1,000,000 (If Yes) How many PII or PHI records does Named Insured collect, process, store, transmit, or have access to? No Records Less than 100,000 100,000 - 500,000 500,000 - 1,000,000 Over 1,000,000 Does Named Insured maintain at least weekly backups of all sensitive or otherwise critical data and all critical business systems offline or on a separate network? Yes No For which of the following services do you enforce Multi-Factor Authentication (MFA) (Receive a text/autheticator request when logging in)?(Required) Email Virtual Private Network (VPN), Remote Desktop Protocol (RDP), RDWeb, RD Gateway, or other remote access Network/cloud administration or other privileged user accounts Does not use Multi-Factor Authentication Does Named Insured allow Virtual Private Network (VPN), Remote Desktop Protocol (RDP), RDWeb, RD Gateway, or other remote access? Yes No Does Named Insured use Multifactor Authentication (MFA) on Network/cloud administration or other privileged user accounts where supported? Yes No Does Named Insured require a secondary means of communication to validate the authenticity of funds transfers (ACH, wire, etc.) requests before processing a request in excess of $5,000 or any change to bill pay, payroll, or other payment information?(Required) Yes No Within the last 3 years has Named Insured been subject to any complaints concerning the content of its website, advertising materials, social media, or other publications?(Required) Yes No Does Named Insured enforce procedures to remove content (including third party content) that may infringe or violate any intellectual property or privacy right?(Required) Yes No Will Named Insured have an active technology errors and omissions policy concurrent with this insurance policy?(Required) Yes No Will Named Insured have an active errors and omissions or miscellaneous professional liability policy concurrent with this insurance policy?(Required) Yes No