By providing insurers with crucial insight and targeted recommendations, we shed light on how organisations inside and outside the insurance industry can improve their security posture.
For insurers, assessing risk is a way of life. And yet, most insurance companies are struggling to find effective ways to evaluate and respond to their own cyber risks.
Managing the risk of cybersecurity threats and decreasing the effect of breaches are growing priorities for UK organisations of all sizes, in every industry.
To help UK insurers understand how ready their industry is to safeguard customer data against compromise, Northdoor produced the Cyber Risk Assessment of the UK insurance industry analysis, created using the RiskXchange Cyber Risk Rating Platform.
Using the RiskXchange ratings, based on freely available public open source data, we offer insurance companies an understanding of their risk of suffering a cyber security incident. Enterprises within the industry can use the results of the report to help optimise their cybersecurity strategies, putting them in a stronger position to deal with the evolving threat landscape.
The report provides a weighted average of the RiskXchange Risk Rating for a sample of over 150 companies in the UK insurance industry, split across insurance brokers, MGAs/coverholders and carriers. The higher the score, the less likely an organisation will be hit by a successful data breach in the next 12 months.
We calculated an overall risk score for the UK insurance industry of 762 on a scale of 300 to 900, indicating that organisations should be taking action to reduce their exposure to cyber risk. This is particularly the case for application security, where only 5.56% of companies surveyed got an A rating.
When ratings are broken down by types of company, the report shows that only 38% of brokers scored an A on email security, while 53% of MGAs scored a D on application security, and more than 20% of insurers were rated poor or very poor on network security.
No company’s cybersecurity strategy is fool-proof, meaning that there is always room to improve. We have compiled seven recommendations to guide enterprises towards better risk management and protection of sensitive data. Here is a brief summary of those seven steps (see the report for more detail):
By taking these measures, organisations can address the technical flaws, behavioural risk and skills gaps that leave them vulnerable to cyberattack.
Knowledge is power – so learn about the cyber risk exposure of the UK insurance industry by reading the report today.