SecPlusTrainer / Glossary / What is risk transfer?
D1 · General

What is risk transfer?

Risk transfer shifts financial consequences to a third party — cyber insurance (covers breach costs), contracts with SLA and liability clauses, outsourcing to managed service providers with security SLAs.
Insurance covers financial consequences but NOT the reputation damage, regulatory fines (mostly), or technical remediation. Cyber insurance requires minimum security controls for coverage. Review exclusions — many policies exclude nation-state attacks or unpatched known vulnerabilities.

Related Terms

What is an access token in security? What is an account lockout policy? What is Active Directory (AD)? What is Active Directory Certificate Services (AD CS)?
← Back to Glossary Practice Questions →