When you apply for Coalition cyber insurance we ask you for a domain. This information helps us do a number of important things in order to understand your risk, price your insurance, and helps us offer you tailored recommendations to improve your cybersecurity and lower your risk!
Examples of domains
Imagine the internet is a big city, and it’s divided up into neighborhoods. Each neighborhood has similar resources like parks and restaurants, and you can use the neighborhood name to specify which one you’re looking for - like the SOHO Japanese restaurant, or the High Street playground. Each neighborhood has a planning commission responsible for controlling its own resources.
An internet domain is a named realm of the internet (like a physical neighborhood) that’s controlled by one individual or organization. You can host resources in it like a webpage, send and receive emails, or offer software and services like web apps. It’s typically something like “companyname.com” for webpages & apps, and “[email protected]” for email addresses.
The domain names most of us are familiar with end in “.com”, such as coalitioninc.com. There are various country-specific domains like “.ca” for Canada and “.co.uk” for the United Kingdom, and some domains are specific to types of organizations like “.edu” for educational institutions. Vanity domains have recently become available as well, allowing you to register a domain like “www.john.smith” that is highly memorable.
Why does Coalition need this?
Internet-connected systems are the single biggest source of cyber risk for most organizations, and domain names are the way both legitimate users (customers or employees) and attackers find these systems. Coalition uses this information for two purposes:
- During your insurance application to get a picture of your cyber risk
- Throughout your policy period to help identify changed risks due to newly-discovered security vulnerabilities or new internet-facing systems you begin to use
It is critical that we have complete and accurate information about the domain(s) your organization uses, both when you apply for insurance and throughout your policy period. Your broker can help you if you have questions, and you can always reach out to [email protected] for assistance or need to make an update.
What if I have multiple domains?
Bring them all! With more information we can offer a more detailed picture of your cyber risk and tailored recommendations to address it. Make sure your broker is aware of all domains you use, and they can use the guidance here to enter them during your application. If you add or change a domain during your policy period be sure to let us know.
Not all companies will have multiple domains. If you’re unsure, here are some examples:
- Yes: You have a website that uses “companyname.com”, but one of your products has its own website at “ourgreatproduct.com”
- Yes: You have a website at “companyname.com”, but your email address is different, like “[email protected]”. You may have a third-party email service like Gmail, iCloud, Yahoo, etc., in which case your email might be “[email protected]”. Note: Include your email even if it’s on a third-party service.
- Yes: You have multiple business units or have acquired businesses, each with their own websites or email domains.
- No: You have “companyname.com” and various sites like “mail.companyname.com” or “customers.companyname.com”. These are known as subdomains, and our scanning tools automatically find them! Note this also applies to pages like “companyname.com/customers”.