Interested in finding out more?

To build an effective cybersecurity strategy, companies must first understand their risk exposure.

By providing insurers with crucial insight and targeted recommendations, we shed light on how organisations inside and outside the insurance industry can improve their security posture.


business-meeting-three-men-one woman-data-analysis

For insurers, assessing risk is a way of life. And yet, most insurance companies are struggling to find effective ways to evaluate and respond to their own cyber risks.

Managing the risk of cybersecurity threats and decreasing the effect of breaches are growing priorities for UK organisations of all sizes, in every industry.
To help UK insurers understand how ready their industry is to safeguard customer data against compromise, Northdoor produced the Cyber Risk Assessment of the UK insurance industry analysis, created using the RiskXchange Cyber Risk Rating Platform.

Using the RiskXchange ratings, based on freely available public open source data, we offer insurance companies an understanding of their risk of suffering a cyber security incident. Enterprises within the industry can use the results of the report to help optimise their cybersecurity strategies, putting them in a stronger position to deal with the evolving threat landscape.

Exploring the findings

The report provides a weighted average of the RiskXchange Risk Rating for a sample of over 150 companies in the UK insurance industry, split across insurance brokers, MGAs/coverholders, carriers and – new for this year – shared service providers to the London / Lloyd’s market. The higher the score, the less likely an organisation will be hit by a successful data breach in the next 12 months.

We calculated an overall risk score for the UK insurance industry of 766 on a scale of 300 to 900, indicating that organisations should be taking action to reduce their exposure to cyber risk. This is particularly the case for application security, where only 2% of companies surveyed got an A rating.

When ratings are broken down by types of company, the report shows that only 27% of brokers scored an A on email security, while 25% of MGAs scored a D on application security, and more than 26% of insurers were rated poor or very poor on network security. Meanwhile, only 2% of shared service providers achieved an A grade on application security, with 7% receiving one of the bottom two grades.

Seven steps to a better security posture

No company’s cybersecurity strategy is fool-proof, meaning that there is always room to improve. We have compiled seven recommendations to guide enterprises towards better risk management and protection of sensitive data. Here is a brief summary of those seven steps (see the report for more detail):

  1. Use the NIST Cybersecurity Framework (or an equivalent) to develop an information security programme.
  2. Cultivate a comprehensive understanding of your own network.
  3. Pinpoint areas in the business where process and policy maturity come in under par.
  4. Ensure that your network management policies are being followed and expose assets only where absolutely necessary.
  5. Safeguard and examine network endpoints.
  6. Confirm that active certificate-management programmes exist and are adhered to.
  7. Stay on top of software patches and upgrades.

By taking these measures, organisations can address the technical flaws, behavioural risk and skills gaps that leave them vulnerable to cyberattack.

Knowledge is power – so learn about the cyber risk exposure of the UK insurance industry by reading the report today.

Get your free copy of the 2021 report, plus an individual risk assessment for your organisation

Northdoor Report 2021 Cyber Risk Assessment of the UK Insurance Industry

The Northdoor 2021 Cyber Risk Assessment of the UK Insurance Industry aims to help you boost your organisation’s existing risk-management plans, and includes recommendations on how to enhance your practices to reduce the risk of breaches.

Complete the form below for your FREE copy of the UK Insurance Industry Cyber Risk Assessment Report 2021 – and get an individual risk assessment for your organisation:

2021 Cyber Risk Assessment Report Download

  • By providing your details, you agree to be contacted by us. We promise to only use your information within Northdoor and not to pass this to any other 3rd party marketing companies. You can opt out at any time. More details can be found in our Privacy Policy .
  • This field is for validation purposes and should be left unchanged.