With the outbreak of Covid-19, the recession that has resulted, and remote work increasing an organization's risk, I believe this is a very timely article. The risk is also complicated by the plethora of pivacy laws that are being implemented around the globe.
https://www.pwc.com/us/en/services/consulting/cybersecurity/library/buying-cybersecurity-insurance.h...
I am thinking that number 4 on their list is probably the second most critical question that organisations should be asking themselves.
