Insurer to offer free consultancy to UK firms to aid cyber resilience

Global insurance group Zurich’s UK operation has announced it is to offer its commercial customers free access to support to mitigate their cyber risks.

Speaking today the underwriter said it would offer access to the newly launched ‘Cyber Complete’ service to Zurich UK’s commercial customers with a revenue of below £1 billion revenue.  It added the service, which equates to over 20 hours of free consultation, has been developed and tested over the past six months in collaboration with Zurich Resilience Solutions (ZRS), a specialist team developed to help customers build resilience.

Through Cyber Complete, commercial customers with Zurich’s cyber insurance can benefit from either a cyber health check or a cyber incident response exercise, with all services being delivered by an expert ZRS cyber risk consultant. Zurich said both options are completely confidential and will be followed up with both a presentation to the customer and full report of the findings. This will help customers understand where they stand against industry peers on a percentile basis.

Arunava Banerjee, ZRS cyber risk consultant said: “This type of gap analysis is a really important process in risk management strategy as it highlights weaknesses in the current approach. It identifies risks across three factors: exposures, hazards and controls. From this, we can offer our customers guidance as to how they can rectify problems identified.”

During the first part of the cyber health check process, Zurich explained interviews are carried out with key stakeholders within the customers’ business which can take anything up to a day. These could include discussions with; chief information or security officers, the head of IT or security or IT director to fully understand current cyber controls and exposures. This process will explore technical controls as well as people and process protocols that are in place.

The free in-depth process will address all 23 categories of the NIST Cyber Security Framework, including governance, technical controls, response capabilities, training, and other relevant areas.

The insurer stressed findings from this free service are completely confidential and will not be shared with Zurich underwriters unless customers specifically request it.

Thomas Clayton, Zurich UK’s head of cyber liability said: “Prevention really is better than cure when it comes to cyber resilience. We don’t just want to be a one day a year service at the point of renewal or in the event of a claim. We want to offer more value by working with our customers to help them safeguard against risk throughout the year.

“We have a wealth of information we can utilise to support this service as well as expert consultants. It’s a combination of customer insights, claims and technology which enables us to provide valuable insights and learnings from each customers’ individual industries.”