Insurers from the UK will need to give ‘cyber resilience’ details to the Prudential Regulation Authority (PRA).
The regulator has said that responses from a 6-page questionnaire recently issued to insurers will aid the authority in understanding the current capabilities and policies in the area of cyber security of insurance firms.
Insurers will need to tell the PRA about any arrangements with their governance regarding cyber security. The authority is looking for information on whether or not their strategy has been approved by the board, as well as whether or not cyber security responsibilities and roles within the firm comply with the approved strategy.
Firms will also need to prove that they have efficient risk management practices that are established to deal with any cyber security threats, and inform the PRA if they are surveying the efficiency of such practices.
The questionnaire aims to clearly discover whether or not insurance firms have recognised their vital processes and functions and how they approach this evaluation.
Insurers will also need to note any access controls used, including whether they back-up and encrypt data. Other information that the questionnaire hopes to extract is the method and frequency at which firms evaluate security capabilities of third-party providers.
The new requirements will help cyber security in the insurance industry, but what about other sectors? Until the government insists on a certain standard, SMEs working in other sectors need to open up cyber security jobs to professionals who have high standards of their own in protecting company data and systems.
Send us your CV and have our recruiters match you to the ideal opportunities
Do you already have an account with us?Log in
Want to have an account with us?Register
Want to just send us your CV?
By submitting your registration and CV to us you are agreeing to join our database and to be contacted about relevant jobs industry communications. Please read our terms of business for more information.