But my IT provider says no

Even with the best IT in the world, human error and bad stuff still happens. When you install fire extinguishers in your building - you still want insurance in case it burns to the ground. The same with IT, an effective IT provider who installs good preventative systems is some of the best protection you can have. Cyber cover is designed to support the IT provider not undermine them. In the event of a claim your IT provider is one of the first people we will contact to provide assistance (and yes they get paid for their time). Don't forget that the cyber policy provides cover for loss of income (and additional expenses) resulting from not being able to run your systems. While your IT provider will do their best to get you back up and running, there is always going to be down time which can last hours or even days.

Ask your IT provider this

How long will it take to be back up and running following a hack or server failure?
Can we run a drill to see how long it would take to assess the risk?
Would this timing be the same for all events, including hardware failure?
Will you complete the recovery work for free?
Will you pay the loss of income or other increase costs incurred while the business is down?
If I don't take cyber insurance, and I have a cyber attack or failure will you agree fix it for free?