There has been much attention in the insurance press recently to Travelers Property Casualty Co. of America v. International Control Services Inc. in which Travelers asked to rescind a Cyber insurance policy because of "misrepresentations, omissions, concealment of facts, and incorrect statements" in the application for insurance. Specifically, the applicant made statements about security controls that proved to be overstated in the event of a ransomware attack.
False or misleading statements on any insurance application can result in a policy being cancelled or rescinded - declared void from inception. With Cyber insurance, applications have become more detailed as claims mount. If Travelers' motion to rescind is successful, we can expect more insurers to check applications and void any policies if the applications are not 100% accurate.
Be sure that questions in a Cyber insurance application are answered by a person who is familiar with the computer system, policies and procedures. If a question is hard to understand, get clarification from the underwriter.
Policy terms matter. When purchasing Cyber insurance, try to avoid policies with warranties rather than representations. Applications should be "severable" - knowledge of one insured should not be imputed to others (knowledge of executives will probably be considered known to the named insured). Where possible, policies should be non-rescindable.