The only cybersecurity compliance
software built for small, independent
insurance companies

CC Shield was developed to give you a defensible cybersecurity program
out of the gate. No internal expertise or expensive consultants required.

You have new, prescriptive requirements.
Our platform helps you meet them.

Independent insurance companies today are on the hook for implementing and maintaining an internal cybersecurity program. Documented policies and procedures, periodic risk assessments and the ability to respond swiftly to a cybersecurity incident are no longer optional. The CC Shield platform allows all of this and more for a fraction of the cost of a consulting firm or IT service provider.

Policy Portal

The Policy Portal provides out-of-the-box template cybersecurity policies built on the best standards available. The best part? They are easy to read and understand even for a non-techie.

The Policy Portal also serves as a central repository for all of your cybersecurity-related policies. Upload your own policies and procedures, track which are in draft and which are approved or leverage our best practice templates – all in one place.

Included are a policies that address general cybersecurity, data retention, third party security and incident response, all as required by law.

Risk Assessment

The Risk Assessment module makes conducting your periodic cybersecurity assessments easy and painless. All you have to do is provide answers to a few simple questions about your company and your current cybersecurity practices.

Our proprietary algorithm does the rest.

We score your risk on the most common cybersecurity threats that businesses face today. You’ll also have access to guides that provide insights into fixing your key areas of risk.

Training & Awareness

The truth is that people are the weakest link of any cybersecurity program. As a result, new laws and regulations require sufficient employee training on data security practices.

Our Training & Awareness module provides top-notch and engaging content so you don’t have to think hard or be an expert to provide your staff with the information they need. Once a training session is completed, you can document the details of the training in our platform – who attended, what information was presented and when it took place.

You even have the ability to send a quiz to attendees as a follow up to the training.

It’s everything a regulator could hope to understand about your diligence in bringing cybersecurity awareness to your employees and a critical step to protecting your company.

Incident Response

The most stressful time for any business is when responding to a cybersecurity incident. Preserving and gathering evidence and information to report is critical. You already have our Incident Response Plan, but how do you document your actions?

Regulators mandate that companies provide notice of a breach at nearly impossible speeds – usually within 72 hours – and require incredible detail on the event to be reported.

Our Incident Response module allows cybersecurity incidents to be logged and tracked as prescibed by the regulators. Over 12,000 laptops alone are lost in the US per day…cybersecurity events happen all the time. Being prepared is key, and we can help.

Education & Resources

Independent insurance companies need access to clear and concise information about their requirements and the best way of achieving compliance. But a Google search with millions of results isn’t only unhelpful – it’s paralyzing.

The Education & Resources module is a library of what you need to know. We’ve distilled guides, videos and overviews into the essentials. This includes videos, training content and “how-to” guides. We are regularly putting out new content, too, so you can stay informed. Because you don’t have time to overthink this, and knowledge is power.

Form Builder

Some companies want an enhanced level of customization for their Cybersecurity Program. If that is you, he Form Builder module can help.

Rather than send Securibly’s standard quizzes to employees after training, you can build your own to be sent. Down the road, you’ll have the ability to create your own third-party risk assessments to be sent to your vendors.

The simple and intuitive interface makes it easy for any insurance company to take their program to the next level.

Third Party Risk

Today, most companies use third parties heavily to perform key business functions. These vendors are often collecting, storing, using or retaining your company’s sensitive data.

With Securibly you’ll already have a Third Party Security Policy and a template assessment. You are required (and it is smart) to evaluate your third parties to ensure they are meeting minimum cybersecurity standards and protecting your data.

The Third Party Risk module makes it easy to send survey-style assessments to third parties and to get answers directly from them as to how they secure your most important asset: data.

All customers receive full access to new modules as they are released at no additional charge.

Penetration Tests & Vulnerability Assessments

Companies that maintain their own IT infrastructure must conduct periodic testing of their systems to ensure gaps and vulnerabilities are identified and remediated. This can be done internally or with a third party.

But why maintain these records elsewhere?

This module is built to store this reporting and documentation, as well as information about it. Knowing when testing was conducted, who performed the test and the overall results is important for compliance.

All customers receive full access to new modules as they are released at no additional charge.


As you have probably figured out, there is a lot of reporting necessary to maintain compliance with new laws and regulations. Additionally, when the regulators come calling, they will want to see hard evidence of your cybersecurity program and efforts.

Meet your best friend – our Reports module.

From our platform, you can view and export anything you need into clean PDF documents. When have policies been updated? What cybersecurity incidents have we had? How about our third parties?

All viewable in one central place.

All customers receive full access to new modules as they are released at no additional charge.

Cyber Event Notification

Managing a cybersecurity incident is hard enough. But what about tracking down the right people to notify? State insurance commissioners or industry supervisors want to know what you know about a data breach quickly and in detail.

Our Cyber Event Notification module is a mechanism for notifying appropriate industry authorities when a cybersecurity event occurs. Spend your time getting your business back up and running instead of chasing down contact information or tracking your communications.

All customers receive full access to new modules as they are released at no additional charge.


Most states now mandate annual certification of compliance. Each year, you have to attest that your company was in compliance with cybersecurity laws and regulations for the previous calendar year.

Our Certification module provides an easy place to sign off on your compliance and download the documentation needed to send off to the applicable authorities.

All customers receive full access to new modules as they are released at no additional charge.

Get up and running in minutes

The CC Shield platform is powerful, easy-to-use and a fraction of the cost of any alternative.

Take cybersecurity compliance off of your plate for good.