SMB vendors will likely need to set aside time to develop a plan of action to satisfy evolving cyber insurance mandates.