LeadingIT warns Chicago businesses on cyber insurance denials tied to MFA gaps

By AI, Created 5:27 AM UTC, June 03, 2026, /AGP/ – LeadingIT CEO Stephen Taylor says more cyber insurance claims are being denied as carriers scrutinize multi-factor authentication, endpoint protections and other controls at renewal. The warning matters for Chicago-area small and midsize businesses, where a denied claim can shift breach costs, legal fees and regulatory fines back onto the company.

Why it matters: - Cyber insurance is becoming harder to keep if basic security controls are incomplete. - A denied claim can leave a business paying for recovery, legal fees and regulatory fines without coverage. - For Chicago-area companies with 30 to 150 employees, that exposure can start in the six figures. - S&P Global forecasts cyber insurance premiums to rise 15% to 20% in 2026.

What happened: - Stephen Taylor, CEO of Chicago IT and cybersecurity firm LeadingIT, warned businesses to review cyber insurance requirements before their next renewal. - Taylor pointed to NAIC’s 2025 Cybersecurity Insurance Report, which said 28,555 cyber insurance claims were denied in 2024, compared with 9,941 paid. - Taylor also cited Coalition’s 2024 cyber claims data, which found 82% of denied claims involved organizations that did not have MFA fully implemented across their environment. - LeadingIT serves businesses in Chicago neighborhoods including the Loop, River North, West Loop, Lincoln Park and Fulton Market, as well as Cook and DuPage counties.

The details: - Insurers are focusing on whether multi-factor authentication is enforced everywhere, including email, VPNs, remote access points, admin accounts and privileged accounts. - Insurers now want authenticator apps or hardware tokens rather than SMS-based verification. - Marsh McLennan’s 2025 Cyber Insurance Market Report found that 99% of cyber insurance applications now include specific MFA questions. - The same report found that 41% of applications are denied on first submission. - Carriers are moving from self-reported questionnaires to technical audits of actual environments. - Some carriers are running security scans before binding coverage. - Additional controls now matter too, including endpoint detection and response on every device, tested backups stored separately from primary systems, centralized logging and a written incident response plan. - Organizations that fully implement and document these controls have seen premiums fall 50% to 60% compared with those without them, according to S&P Global Ratings’ 2026 Cyber Insurance Market Outlook.

Between the lines: - The shift suggests insurers are treating cyber coverage more like a verified security standard than a paperwork exercise. - Businesses that only checked boxes on applications may now fail renewal reviews or post-breach audits. - MFA gaps remain the most common failure point, but insurers are widening the lens to overall resilience and recoverability. - LeadingIT is positioning its managed IT and cybersecurity services as support for companies that need their controls to hold up under carrier scrutiny.

What’s next: - Chicago businesses are likely to face more technical review at renewal and after incidents. - Companies that want coverage to survive those reviews will need to document MFA, endpoint security, backups, logging and incident response more carefully. - Taylor said more carriers are issuing non-renewals, declining to quote or canceling existing policies when MFA is missing. - Businesses seeking a review of their managed IT and cybersecurity posture can contact LeadingIT in Chicago or visit LeadingIT’s website.

The bottom line: - In cyber insurance, incomplete MFA is no longer a small gap — it can be the reason a claim gets denied.