Regulators turn up the heat on cyber-security

This week, Andrew Bulley and Chris Moulder of the PRA have written to insurance firms with details of a cyber-security and resilience questionnaire that should be completed and signed off by a board level executive as a true and accurate reflection of the firm’s current status. The questionnaire should be returned to the PRA no later than 16 October 2015.

The questionnaire is designed to:

  • assess the firm’s policies and capabilities in regards to cyber and resilience risks
  • understand the capabilities and extent to which firms are writing cyber insurance policies
  • help the PRA understand the extent to which confidential customer information is received, processed and stored by the firm.

The instruction is that firms should complete the questionnaire using competent parties with the appropriate experience and knowledge. 

As with all current regulation and requirements in the market this should not be taken lightly, as whoever completes and signs the questionnaire will be held accountable for the accuracy of the answers.  This should not be a box ticking exercise, it should be used as an opportunity to see how prepared you are for the ever increasing cyber risk.

We are recognised experts in cyber and information security with extensive experience in the insurance industry. We can help you complete your response.

For more detail, please contact Gavin Davey.